CVE-2025-24239

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

CVE-2025-24239

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

PT-2025-13921 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.4 Description: A downgrade issue was addressed with additional code-signing restrictions. This issue allows an app to potentially access protected user data. Recommendations: For versions prior to 15.4, update to...

About the security content of macOS Sequoia 15.4

About the security content of macOS Sequoia 15.4 This document describes the security content of macOS Sequoia 15.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...

CVE-2025-24122

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to modify protected parts of the file system...

CVE-2025-24109

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access sensitive user data...

CVE-2025-24109

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access sensitive user data...

CVE-2025-24122

CVE-2025-24122 concerns a downgrade issue on Intel-based Macs that was addressed by additional code-signing restrictions. It is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3 and macOS Sequoia 15.3. The issue could allow an app to modify protected parts of the file system due to the downgrade...

CVE-2025-24122

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to modify protected parts of the file system...

CVE-2025-24122

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to modify protected parts of the file system...

CVE-2025-24109

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access sensitive user data...

CVE-2025-24109

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access sensitive user data...

CVE-2025-24109

CVE-2025-24109 relates to a downgrade issue that was addressed by adding code-signing restrictions. The NVD entry states the issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, and macOS Sonoma 14.7.3, with the impact described as an app potentially accessing sensitive user data. Affected...

PT-2025-5286 · Apple · Macos Sonoma +3

Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.7.3 macOS Sequoia versions prior to 15.3 macOS Sonoma versions prior to 14.7.3 Description: A downgrade issue was addressed with additional code-signing restrictions. This issue may allow an app to access...

About the security content of macOS Ventura 13.7.3

About the security content of macOS Ventura 13.7.3 This document describes the security content of macOS Ventura 13.7.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

CVE-2024-12668

Velocidex WinPmem versions below 4.1 suffer from an Out of Bounds Write vulnerability. By using an IO Control, a user space program can trick the driver into writing a 0 into any chosen memory location. In conjunction with information leakage from the WinPmem driver, attackers can discover the...

CVE-2024-12668 Velocidex WinPmem Out of Bounds Write Vulnerability

Velocidex WinPmem versions below 4.1 suffer from an Out of Bounds Write vulnerability. By using an IO Control, a user space program can trick the driver into writing a 0 into any chosen memory location. In conjunction with information leakage from the WinPmem driver, attackers can discover the...

CVE-2024-52548

An attacker who can execute arbitrary Operating Systems commands, can bypass code signing enforcements in the kernel, and execute arbitrary native code. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...

CVE-2024-52548 Lorex 2K Indoor Wi-Fi Security Camera - Code signing bypass

An attacker who can execute arbitrary Operating Systems commands, can bypass code signing enforcements in the kernel, and execute arbitrary native code. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...

CVE-2024-52548 Lorex 2K Indoor Wi-Fi Security Camera - Code signing bypass

An attacker who can execute arbitrary Operating Systems commands, can bypass code signing enforcements in the kernel, and execute arbitrary native code. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...