CVE-2025-31216

The issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to override managed Wi-Fi profiles...

CVE-2025-31216

CVE-2025-31216 affects Apple iOS/iPadOS: an attacker with physical access could override managed Wi‑Fi profiles. Apple fixed this in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5 with “improved checks.” The vulnerability is documented across NVD/Red Hat/ENISA entries, tying to Wi‑Fi profile handling. R...

EUVD-2025-14614

Malicious code in bioql PyPI...

EUVD-2025-14621

Malicious code in bioql PyPI...

CVE-2025-31228

The issue was addressed with improved authentication. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to access notes from the lock screen...

CVE-2025-31235

A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to cause unexpected system termination...

CVE-2025-31228

The issue was addressed with improved authentication. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to access notes from the lock screen...

CVE-2025-31210

The issue was addressed with improved UI. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. Processing web content may lead to a denial-of-service...

CVE-2025-24225

An injection issue was addressed with improved input validation. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. Processing an email may lead to user interface spoofing...

CVE-2025-24144

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.6, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Ventura 13.7.6, iOS 18.3 and iPadOS 18.3, tvOS 18.3. An app may be able to leak sensitive kernel state...

CVE-2025-24220

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.9. An app may be able to read a persistent device identifier...

CVE-2025-24225

CVE-2025-24225 is an injection issue in Apple’s mail-processing path that arises from insufficient input validation, potentially enabling user-interface spoofing when processing an email. The vulnerability affects iPadOS/iOS versions as noted: iPadOS 18.5 and iOS 18.5 (and iPadOS 17.7.7 also list...

CVE-2025-31228

The issue was addressed with improved authentication. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to access notes from the lock screen...

CVE-2025-31208

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination...

CVE-2025-31235

CVE-2025-31235 is a local, memory‑corruption issue in Apple’s coreaudiod where a double‑free leads to an out‑of‑bounds or invalid dereference chain. The connected Google Project Zero write‑up explicates exploitation context for CVE-2025-31235 in coreaudiod alongside CVE-2024-54529, detailing how ...

CVE-2025-24220

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4. An app may be able to read a persistent device identifier...

CVE-2025-24220

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.9. An app may be able to read a persistent device identifier...