CVE-2025-43434

CVE-2025-43434 is a use-after-free in WebKitGTK/WebKit that can cause a crash when processing crafted web content. Connected advisories show affected package webkitgtk4 and related WebKitGTK/WebKit components; fixes are shipped as webkitgtk4-2.50.4-1.amzn2.* for Amazon Linux 2 (and corresponding ...

CVE-2025-43434

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash...

CVE-2025-43398

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to cause unexpected system termination...

CVE-2025-43398

The issue was addressed with improved memory handling. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, visionOS 26.1. An app may be able to cause unexpected system termination...

CVE-2025-43458

This issue was addressed through improved state management. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-43458

CVE-2025-43458 is a WebKitGTK/WebKit-related issue described in multiple advisories as a fault in processing maliciously crafted web content that can trigger an unexpected process crash. The core detail in the CVE entry states the fix was implemented via improved state management, with remediatio...

CVE-2025-43458

This issue was addressed through improved state management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-43419

The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to memory corruption...

CVE-2025-43462

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory...

CVE-2025-43462

The issue was addressed with improved memory handling. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, visionOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory...

CVE-2025-43435

CVE-2025-43435 involves a memory handling issue that could cause an unexpected process crash when processing maliciously crafted web content. Apple fixed the vulnerability in multiple platforms and versions: tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, iOS 18....

CVE-2025-43423

CVE-2025-43423 affects multiple Apple platforms including macOS Tahoe 26.1, macOS Sequoia 15.7.2, iOS 26.1/iPadOS 26.1, and iOS 18.7.2/iPadOS 18.7.2, as well as visionOS 26.1. The issue is a logging-related information disclosure that could allow an attacker with physical access to an unlocked de...

CVE-2025-43507

A privacy issue was addressed by moving sensitive data. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. An app may be able to fingerprint the user...

CVE-2025-43424

The issue was addressed with improved bounds checks. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1. A malicious HID device may cause an unexpected process crash...

CVE-2025-43500

The CVE-2025-43500 privacy issue affects Apple platforms (iOS, iPadOS, watchOS, macOS Tahoe, visionOS) and is caused by improved handling of user preferences, with a fixed release in version 26.1. The issue could allow an app to access sensitive user data, as indicated by the description and CVSS...

CVE-2025-43445

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing a maliciously crafted media file may...

CVE-2025-43413

CVE-2025-43413 describes an access issue whereby a sandboxed app could observe system-wide network connections. Apple fixed this by applying additional sandbox restrictions in multiple platforms and versions: tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7....

CVE-2025-43385

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1. Processing a maliciously crafted media file may lead to unexpected app...

CVE-2025-43429

A buffer overflow was addressed with improved bounds checking. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-43429

CVE-2025-43429 is a buffer overflow in processing malicious web content, addressed by improved bounds checking. Public advisories and records confirm the issue affects WebKit-derived engines (Safari/WebKit on Apple platforms) and WebKitGTK/WebKit2GTK deployments. Affected and fixed details includ...