CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31236 – Apple Security Advisory 05-12-2025-3
https://notcve.org/view.php?id=CVE-2025-31236
12 May 2025 — An app may be able to access sensitive user data. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122716 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24274 – Apple Security Advisory 05-12-2025-5
https://notcve.org/view.php?id=CVE-2025-24274
12 May 2025 — A malicious app may be able to gain root privileges. macOS Ventura 13.7.6 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122716 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2025-31241 – Apple Security Advisory 05-12-2025-8
https://notcve.org/view.php?id=CVE-2025-31241
12 May 2025 — A remote attacker may cause an unexpected app termination. macOS Ventura 13.7.6 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-415: Double Free •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-31257 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
https://notcve.org/view.php?id=CVE-2025-31257
12 May 2025 — Processing malicious web content can cause a use-after-free issue due to improper memory handling and result in an unexpected crash. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31256 – Apple Security Advisory 05-12-2025-3
https://notcve.org/view.php?id=CVE-2025-31256
12 May 2025 — Hot corner may unexpectedly reveal a user’s deleted notes. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122716 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24111 – Apple Security Advisory 05-12-2025-2
https://notcve.org/view.php?id=CVE-2025-24111
12 May 2025 — An app may be able to cause unexpected system termination. iPadOS 17.7.7 addresses code execution, double free, information leakage, integer overflow, out of bounds read, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-31217 – Apple Security Advisory 05-12-2025-9
https://notcve.org/view.php?id=CVE-2025-31217
12 May 2025 — Processing maliciously crafted web content may lead to an unexpected Safari crash. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31240 – Apple Security Advisory 05-12-2025-5
https://notcve.org/view.php?id=CVE-2025-31240
12 May 2025 — Mounting a maliciously crafted AFP network share may lead to system termination. macOS Ventura 13.7.6 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122716 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24222 – Apple Safari SandboxBroker ZIP File Processing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24222
12 May 2025 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the SandboxBroker process. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122716 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31237 – Apple Security Advisory 05-12-2025-5
https://notcve.org/view.php?id=CVE-2025-31237
12 May 2025 — Mounting a maliciously crafted AFP network share may lead to system termination. macOS Ventura 13.7.6 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122716 • CWE-404: Improper Resource Shutdown or Release •