188 matches found
Astra Linux – Vulnerability in WebKit2GTK
A memory corruption issue has been resolved through improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 v. 14610.4.3.1.7 and 15610.4.3.1.7, watchOS 7.3.2, and macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2025-43289
Summary : CVE-2025-43289 involves a logic issue in macOS that was mitigated by improved input validation. Affected products/versions : macOS Sonoma 14.8; fixes are included in macOS Sequoia 15.7 and macOS Tahoe 26. Vulnerability details : A malicious app could access sensitive user data due to th...
PT-2026-39780
Name of the Vulnerable Software and Affected Versions macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 Description A parsing issue in the handling of directory paths could allow an app to gain root privileges. This was addressed by...
CVE-2025-43534
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.2 and iPadOS 26.2. A user with physical access to an iOS device may be able to bypass Activation Lock...
CVE-2026-20688
A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to break out of its sandbox...
EUVD-2026-15089
A path handling issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.4. An app with root privileges may be able to delete protected system files...
EUVD-2026-15059
A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to break out of its sandbox...
EUVD-2026-15077
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to delete files for which it does not have permission...
PT-2026-27542
Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.4 iPadOS versions prior to 26.4 macOS Sequoia versions prior to 15.7.5 macOS Sonoma versions prior to 14.8.5 macOS Tahoe versions prior to 26.4 visionOS versions prior to 26.4 Description A flaw exists in path handling...
PT-2026-27559
Name of the Vulnerable Software and Affected Versions macOS versions prior to 26.4 Description A path handling issue existed with inadequate validation. This allowed an application with root privileges to potentially delete protected system files. Recommendations Update to macOS version 26.4...
PT-2026-27525
Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.7 iPadOS versions prior to 18.7.7 iOS version 26.2 iPadOS version 26.2 Description A path handling issue exists due to improved validation. This may allow a user with physical access to bypass Activation Lock. The...
CVE-2026-20627
An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data...
CVE-2025-43537
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2. Restoring a maliciously crafted backup file may lead to modification of protected system files...
CVE-2026-20625
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. An app may be able to access sensitive user data...
CVE-2026-20624
CVE-2026-20624 is an injection issue in AppleMobileFileIntegrity that was fixed by improved validation. Affected platforms include macOS Sequoia 15.7.4, macOS Tahoe 26.3, and macOS Sonoma 14.8.4, where an app may be able to access sensitive user data. Remediation is to apply the corresponding OS ...
CVE-2026-20615
CVE-2026-20615 is a path-handling vulnerability described across multiple sources as fixed by Apple in iOS 26.3/iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, and visionOS 26.3. The issue, reported in CoreServices (path validation), could allow an app to gain root privileges due to improper ...
CVE-2026-20614
CVE-2026-20614 describes a path handling issue that was fixed by improved validation. The vulnerability affects Apple macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, and macOS Tahoe 26.3, where an adversary’s app could potentially gain root privileges via local access. The connected sources confirm th...
CVE-2026-20627
An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3, watchOS 26.3. An app may be able to access sensitive user data...
CVE-2026-20627
CVE-2026-20627 involves an issue in the handling of environment variables that Apple fixed by improved validation. The vulnerability affects multiple Apple platforms and is addressed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3, and iPadOS 26.3 (and macOS Sonoma...
CVE-2025-43537
CVE-2025-43537 describes a path handling issue fixed by improved validation in Apple OS updates. Affected components relate to restoring a maliciously crafted backup file that could modify protected system files. Public references from Apple confirm fixes in iOS 18.7.5 and iPadOS 18.7.5, and simi...