CVE-2025-24198

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker with physical access may be able to use Siri to access sensitive user data...

CVE-2025-24205

An authorization issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access user-sensitive data...

CVE-2025-24208

A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack...

CVE-2025-24193

This issue was addressed with improved authentication. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker with a USB-C connection to an unlocked device may be able to programmatically access photos...

CVE-2025-24194

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted web content may result in the disclosure of process memory...

CVE-2025-24190

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted video file may lead to unexpected app termination or...

CVE-2025-24192

A script imports issue was addressed with improved isolation. This issue is fixed in Safari 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Visiting a website may leak sensitive data...

CVE-2025-24173

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox...

CVE-2025-24173

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox...

CVE-2025-24167

This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. A download's origin may be incorrectly associated...

CVE-2025-24095

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, visionOS 2.4. An app may be able to bypass Privacy preferences...

UBUNTU-CVE-2025-24208

A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack...

CVE-2025-24167

This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. A download's origin may be incorrectly associated...

CVE-2025-24167

This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A download's origin may be incorrectly associated...

CVE-2025-30470

The CVE-2025-30470 entry corresponds to a path-handling issue in Apple Maps that could allow an app to read sensitive location information. Concrete details from connected sources show this flaw affecting Maps functionality on Apple Watch (watchOS 11.4 security content lists CVE-2025-30470 under ...

CVE-2025-30427

CVE-2025-30427 is a use-after-free vulnerability in processing maliciously crafted web content that may lead to an unexpected Safari crash. Affected in multiple Apple platforms; fixes are implemented in visionOS 2.4, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, and Safari 18.4. Debian...

CVE-2025-24215

CVE-2025-24215 affects macOS/macOS components as acknowledged by Apple advisories. The issue is described as a vulnerability that could allow a malicious app to access private information. Mitigation is through updates: macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, and macOS Sonoma 14....

CVE-2025-24215

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information...

CVE-2025-24215

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to access private information...

CVE-2025-24203

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to modify protected parts of the file system...