CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-31281 – Apple macOS USD importMeshJointWeights Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-31281
29 Jul 2025 — An input validation issue was addressed with improved memory handling. This issue is fixed in visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6. Processing a maliciously crafted file may lead to unexpected app termination. Se solucionó un problema de validación de entrada mejorando el manejo de memoria. Este problema se solucionó en visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 y iPadOS 18.6. • https://support.apple.com/en-us/124147 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-43192 – Apple Security Advisory 07-29-2025-4
https://notcve.org/view.php?id=CVE-2025-43192
29 Jul 2025 — A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. Account-driven User Enrollment may still be possible with Lockdown Mode turned on. Se solucionó un problema de configuración con restricciones adicionales. Este problema se solucionó en macOS Sequoia 15.6 y macOS Sonoma 14.7.7. • https://support.apple.com/en-us/124149 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-43184 – Apple Security Advisory 07-29-2025-5
https://notcve.org/view.php?id=CVE-2025-43184
29 Jul 2025 — This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.4. A shortcut may be able to bypass sensitive Shortcuts app settings. Este problema se solucionó añadiendo una solicitud adicional de consentimiento del usuario. Este problema está corregido en macOS Sonoma 14.7.7, macOS Ventura 13.7.7 y macOS Sequoia 15.4. • https://support.apple.com/en-us/122373 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43235 – Apple Security Advisory 07-29-2025-3
https://notcve.org/view.php?id=CVE-2025-43235
29 Jul 2025 — The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause a denial-of-service. El problema se solucionó mejorando la gestión de la memoria. Este problema se solucionó en macOS Sequoia 15.6. • https://support.apple.com/en-us/124149 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43274 – Apple Security Advisory 07-29-2025-3
https://notcve.org/view.php?id=CVE-2025-43274
29 Jul 2025 — A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions. Se solucionó un problema de privacidad eliminando el código vulnerable. Este problema se solucionó en macOS Sequoia 15.6. • https://support.apple.com/en-us/124149 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2025-43223 – Apple Security Advisory 07-29-2025-8
https://notcve.org/view.php?id=CVE-2025-43223
29 Jul 2025 — A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.7, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. A non-privileged user may be able to modify restricted network settings. Se solucionó un problema de denegación de servicio mejorando la validación de entrada. Este problema está corregido en macOS Ventura 13.7.7, iPadOS 17.7.9, iOS 18.6 y iPadOS 18.6, macOS Sonoma 14.7.7, ... • https://support.apple.com/en-us/124147 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2025-43186 – Apple macOS AudioToolbox MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-43186
29 Jul 2025 — The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, visionOS 2.6, macOS Ventura 13.7.7. Parsing a file may lead to an unexpected app termination. El problema se solucionó mejorando la gestión de la memoria. Este problema está corregido en watchOS 11.6, iOS 18.6 y iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, visionOS 2.6 y macOS Ventura 13.7.7. • https://support.apple.com/en-us/124147 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2025-43209 – Apple Safari getHourCycles Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-43209
29 Jul 2025 — An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, visionOS 2.6, macOS Ventura 13.7.7. Processing maliciously crafted web content may lead to an unexpected Safari crash. Se solucionó un problema de acceso fuera de los límites mejorando la comprobación de los límites. Este problema está corregido en macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 y iPadOS 18.6,... • https://support.apple.com/en-us/124147 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-43214 – Apple Safari JavascriptCore WasmToJSException Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-43214
29 Jul 2025 — The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash. El problema se solucionó mejorando la gestión de la memoria. Este problema está corregido en watchOS 11.6, iOS 18.6 y iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6 y visionOS 2.6. • https://support.apple.com/en-us/124147 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43215 – Apple macOS USD readColor Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-43215
29 Jul 2025 — The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may result in disclosure of process memory. El problema se solucionó mejorando las comprobaciones. Este problema se solucionó en macOS Sequoia 15.6. • https://support.apple.com/en-us/124149 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •