258 matches found
CVE-2025-43502
A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, Safari 26.1. An app may be able to bypass certain Privacy preferences...
CVE-2025-43345
A correctness issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data...
CVE-2025-43493
The issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Visiting a malicious website may lead to address bar spoofing...
CVE-2025-43493
CVE-2025-43493 affects multiple Apple platforms. The issue, caused by insufficient checks, may allow address bar spoofing when a user visits a malicious website. Affected products/versions include macOS Tahoe 26.1; iOS 26.1 and iPadOS 26.1; Safari 26.1; iOS 18.7.2 and iPadOS 18.7.2; visionOS 26.1...
CVE-2025-43379
CVE-2025-43379 arises from insufficient validation of symlinks in Apple OS components. Affected products include tvOS, watchOS, macOS (Tahoe 26.1; Sequoia 15.7.2; Sonoma 14.8.2), iOS/iPadOS (26.1) and visionOS 26.1. The issue may allow an app to access protected user data due to improper symlink ...
CVE-2025-43457
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash...
CVE-2025-43323
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to fingerprint the user...
CVE-2025-43440
CVE-2025-43440 is a WebKitGTK/WebKitGTK4 vulnerability affecting WebKitGTK components (webkitgtk4) that can cause an unexpected process crash when processing malicious web content. Connected advisories show the issue being addressed across multiple distributions with concrete fixes: Amazon Linux ...
CVE-2025-43438
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash...
CVE-2025-43455
A privacy issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. A malicious app may be able to take a screenshot of sensitive information in embedded views...
CVE-2025-43435
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43507
The CVE-2025-43507 entry describes a privacy issue in Apple platforms where sensitive data was moved, enabling an app to fingerprint the user. Affected products include watchOS, macOS (Tahoe), iOS, iPadOS, and visionOS. Root cause: exposure related to relocating or handling sensitive data that co...
CVE-2025-43439
CVE-2025-43439 affects Apple platforms (iOS, iPadOS, visionOS). Description and connected references indicate a privacy issue where an app may fingerprint the user, addressed by removing sensitive data. Fixes are included in iOS 18.7.2, iPadOS 18.7.2, iOS 26.1, iPadOS 26.1, and visionOS 26.1. Pra...
CVE-2025-43500
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.1 and iPadOS 26.1, watchOS 26.1, macOS Tahoe 26.1, visionOS 26.1. An app may be able to access sensitive user data...
CVE-2025-43445
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, visionOS 26.1. Processing a maliciously crafted media file may...
CVE-2025-43392
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. A website may exfiltrate image data cross-origin...
CVE-2025-43444
CVE-2025-43444 is a permissions issue described by Apple and Red Hat sources, resolved in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1, iPadOS 26.1, iOS 18.7.2, iPadOS 18.7.2, and visionOS 26.1. The issue could allow an app to fingerprint the user without interaction. Public material speci...
CVE-2025-43413
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A sandboxed app may be able to observe system-wide network connections...
CVE-2025-43389
CVE-2025-43389 is a privacy issue affecting Apple platforms. The vulnerability was addressed by removing the vulnerable code, with fixes shipped in macOS Tahoe 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, visionOS 26.1, iOS 26.1 and iPadOS 26.1, and iOS 18.7.2 and iPadOS 18.7.2. Affected comp...
Apple多款产品 安全漏洞
Apple Safari and others are products of Apple Inc. Apple Safari is a web browser that is the default browser shipped with Mac OS X and iOS operating systems. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A security vulnerability exists in multiple App...