CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24223 – webkitgtk: Processing maliciously crafted web content may lead to memory corruption
https://notcve.org/view.php?id=CVE-2025-24223
12 May 2025 — The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption. A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory handling and result in memory corruption. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overf... • https://support.apple.com/en-us/122404 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-416: Use After Free •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2025-31257 – Apple Security Advisory 05-12-2025-9
https://notcve.org/view.php?id=CVE-2025-31257
12 May 2025 — This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-31217 – Apple Security Advisory 05-12-2025-9
https://notcve.org/view.php?id=CVE-2025-31217
12 May 2025 — The issue was addressed with improved input validation. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-31206 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
https://notcve.org/view.php?id=CVE-2025-31206
12 May 2025 — A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. A flaw was found in WebKitGTK. Processing malicious web content can cause a type confusion issue due to improper state handling and result in an unexpected crash. macOS Sequoia 15.5 addresses bypass, code execution, double fre... • https://support.apple.com/en-us/122404 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-31204 – webkitgtk: Processing maliciously crafted web content may lead to memory corruption
https://notcve.org/view.php?id=CVE-2025-31204
12 May 2025 — The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption. A flaw was found in WebKitGTK. Processing malicious web content can cause out-of-bounds memory access due to improper memory handling and result in memory corruption. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer ... • https://support.apple.com/en-us/122404 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-31205 – Apple Security Advisory 05-12-2025-9
https://notcve.org/view.php?id=CVE-2025-31205
12 May 2025 — The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-31238 – Apple Security Advisory 05-12-2025-9
https://notcve.org/view.php?id=CVE-2025-31238
12 May 2025 — The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-31215 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
https://notcve.org/view.php?id=CVE-2025-31215
12 May 2025 — The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected process crash. A flaw was found in WebKitGTK. Processing malicious web content can cause a NULL pointer dereference due to improper checks, resulting in an unexpected process crash. macOS Sequoia 15.5 addresses bypass, code execution, double free, information l... • https://support.apple.com/en-us/122404 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2025-31223 – Apple Security Advisory 05-12-2025-9
https://notcve.org/view.php?id=CVE-2025-31223
12 May 2025 — The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-42970 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-42970
11 Apr 2025 — A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. Processing web content may lead to arbitrary code execution. A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in arbitrary code execution. • https://support.apple.com/en-us/120330 • CWE-416: Use After Free •