CVE-2025-30434

The issue was addressed with improved input sanitization. This issue is fixed in iOS 18.4 and iPadOS 18.4. Processing a maliciously crafted file may lead to a cross site scripting attack...

CVE-2025-30434

The issue was addressed with improved input sanitization. This issue is fixed in iOS 18.4 and iPadOS 18.4. Processing a maliciously crafted file may lead to a cross site scripting attack...

CVE-2025-30434

CVE-2025-30434 is an Apple issue affecting iOS and iPadOS tracked across multiple feeds. The vulnerability stems from processing a maliciously crafted file that could trigger a cross-site scripting (XSS) attack. Apple fixed this by improving input sanitization, with the patch shipped in iOS 18.4 ...

CVE-2025-30463

The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data...

CVE-2025-30463

The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data...

CVE-2025-24230

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Playing a malicious audio file may lead to an unexpected...

CVE-2025-30438

This issue was addressed with improved access restrictions. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to dismiss the system notification on the Lock Screen that a recording w...

CVE-2025-24210

From the connected advisories, CVE-2025-24210 maps to a logic error fixed by Apple in multiple platform updates. Affected: visionOS 2.4; macOS Ventura 13.7.5; tvOS 18.4; iPadOS 17.7.6; iOS 18.4; iPadOS 18.4; macOS Sequoia 15.4; macOS Sonoma 14.7.5. Issue: image parsing may disclose user informati...

CVE-2025-24178

CVE-2025-24178 affects Apple platforms via a sandbox-escape issue addressed by updates across several OS versions: macOS Ventura 13.7.5; macOS Sequoia 15.4; macOS Sonoma 14.7.5; iOS 18.4; iPadOS 18.4; tvOS 18.4. The root cause is described as improved state management, enabling an app to break ou...

CVE-2025-24178

This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to break out of its sandbox...

CVE-2025-24178

This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox...

CVE-2025-31182

CVE-2025-31182 : Apple addresses an issue where an app could delete files it should not access due to improper handling of symlinks. The vulnerability affects multiple Apple OS versions and is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4, iPadOS 18.4, macOS Sequoia 15.4, and m...

CVE-2025-24237

A buffer overflow was addressed with improved bounds checking. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination...

CVE-2025-24237

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, visionOS 2.4, watchOS 11.4. An app may be able to cause unexpected system termination...

CVE-2025-24221

CVE-2025-24221 affects Apple devices and is addressed by patches in visionOS 2.4, iOS 18.4, iPadOS 18.4, and iPadOS 17.7.6. The root cause is improved data access restriction that prevents unauthorized exposure of keychain data in iOS backups. Impact is that sensitive keychain data may have been ...

CVE-2025-24173

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox...

CVE-2025-24173

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox...

CVE-2025-30433

The CVE-2025-30433 issue concerns the Shortcuts app on Apple platforms where a shortcut could access files normally inaccessible to Shortcuts. The root cause is insufficient access restrictions within the Shortcuts environment. Affects multiple Apple OS lines; fixes are delivered as OS updates: i...

CVE-2025-30433

This issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, visionOS 2.4, watchOS 11.4. A shortcut may be able to access files that are normally inaccessible to the...

CVE-2025-24283

A logging issue was addressed with improved data redaction. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data...