CVE-2025-24123

CVE-2025-24123 affects multiple Apple OSes where parsing a file could cause an unexpected app termination. According to the document, the issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, and tvOS ...

CVE-2025-24123

The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination...

CVE-2024-54530

The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, visionOS 2.2, watchOS 11.2. Password autofill may fill in passwords after failing authentication...

CVE-2024-54530

CVE-2024-54530 affects Apple devices with iOS 18.2 and iPadOS 18.2 (and corresponding macOS/watchOS/visionOS updates) where the password autofill feature may fill in passwords after a failed authentication. The issue is addressed in macOS Sequoia 15.2, watchOS 11.2, visionOS 2.2, iOS 18.2, and iP...

CVE-2025-24158

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing web content may lead to a denial-of-service...

CVE-2025-24158

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing web content may lead to a denial-of-service...

CVE-2025-24158

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing web content may lead to a denial-of-service...

CVE-2025-24158

CVE-2025-24158 is a memory-handling issue in WebKitGTK/WebKit2GTK that may allow processing web content to cause a denial-of-service. Remediations are versioned updates: for WebKitGTK/WebKit2GTK we see fixes in Debian (webkit2gtk 2.46.6-1~deb12u1 / 2.46.6-1~deb11u1) and in AL2/AL8 advisories (web...

CVE-2025-24149

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to disclosure of user information...

CVE-2025-24124

The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination...

CVE-2025-24124

The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination...

CVE-2024-54468

CVE-2024-54468 affects Apple platforms and concerns a sandbox escape. The initial description notes: “An app may be able to break out of its sandbox,” and that the issue was addressed with improved checks. The fixed versions span multiple Apple OS families: macOS Ventura 13.7.2, macOS Sonoma 14.7...

CVE-2025-24145

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. An app may be able to view a contact's phone number in system logs...

CVE-2025-24145

CVE-2025-24145 describes a privacy issue where an app may view a contact’s phone number in system logs. Affected products updated: macOS Sequoia 15.3, iOS 18.3, iPadOS 18.3. Root cause relates to private data redaction in log entries; remediation is to apply the updates listed (Sequoia 15.3, iOS ...

CVE-2025-24145

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. An app may be able to view a contact's phone number in system logs...

CVE-2025-24104

This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4, iOS 18.3 and iPadOS 18.3. Restoring a maliciously crafted backup file may lead to modification of protected system files...

CVE-2025-24104

This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4. Restoring a maliciously crafted backup file may lead to modification of protected system files...

CVE-2025-24104

CVE-2025-24104 concerns Apple platforms (iPadOS 17.7.4, iOS 18.3, iPadOS 18.3) where the backup restore process could incorrectly handle symlinks, allowing a malicious backup to point system file reads/writes and potentially modify protected system files. Apple’s advisories indicate the issue is ...

CVE-2024-54517

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory...

CVE-2025-24128

The issue was addressed by adding additional logic. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. Visiting a malicious website may lead to address bar spoofing...