18 matches found
CVE-2026-28904
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2026-28882
CVE-2026-28882 affects Apple platforms (iOS/iPadOS, macOS Tahoe, tvOS, visionOS, watchOS). The issue allows enumerating a user’s installed apps due to insufficient checks and is fixed in Apple releases: iOS/iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Attacker could expl...
PT-2026-27558
Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.4 iPadOS versions prior to 26.4 macOS Sequoia versions prior to 15.7.5 macOS Sonoma versions prior to 14.8.5 macOS Tahoe versions prior to 26.4 tvOS versions prior to 26.4 visionOS versions prior to 26.4 watchOS versio...
CVE-2026-20700
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this...
CVE-2025-43419
A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4: evolution-data-server,...
CVE-2025-43376
A logic issue was addressed with improved state management. This issue is fixed in Safari 26, iOS 18.7.7 and iPadOS 18.7.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A remote attacker may be able to view leaked DNS queries with Private Relay turned on...
CVE-2025-43376
A logic issue was addressed with improved state management. This issue is fixed in Safari 26, iOS 18.7.7 and iPadOS 18.7.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A remote attacker may be able to view leaked DNS queries with Private Relay turned on...
CVE-2025-43480
CVE-2025-43480 is a cross-origin data exfiltration vulnerability impacting Apple platforms and Safari/WebKit in general. The issue is addressed with improved checks and is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1, iPadOS 26.1, Safari 26.1, and visionOS 26.1. The CVSSv3.1 score...
EUVD-2025-29338
Malicious code in bioql PyPI...
CVE-2025-43347
This issue was addressed by removing the vulnerable code. This issue is fixed in visionOS 26, tvOS 26, iOS 26 and iPadOS 26, watchOS 26. An input validation issue was addressed...
CVE-2025-43343
The issue was addressed with improved memory handling. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26. Processing maliciously crafted web content may lead to an unexpected process crash...
UBUNTU-CVE-2025-43272
The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash...
UBUNTU-CVE-2025-43342
A correctness issue was addressed with improved checks. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43302
CVE-2025-43302 is an out-of-bounds write issue addressed by Apple in multiple OS updates. Affected: tvOS 26, watchOS 26, macOS Sonoma 14.8, iOS 26 and iPadOS 26, macOS Sequoia 15.7, visionOS 26, iOS 18.7 and iPadOS 18.7. Root cause: insufficient bounds checking leading to potential system termina...
CVE-2025-43272
The issue was addressed with improved memory handling. This issue is fixed in visionOS 26, Safari 26, iOS 26 and iPadOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash...
CVE-2025-43272
CVE-2025-43272 is a WebKitGTK-related issue (CVE-2025-43272) addressed via memory-management fixes. Publicly documented fixes reference WebKitGTK/WebKitGTK4 across multiple distributions and platforms (debian, almalinux, amazon linux). The core description in the CVE entry notes that processing m...
PT-2025-37845
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 26 iPadOS versions prior to 26 macOS versions prior to Tahoe 26 tvOS versions prior to 26 watchOS versions prior to 26 visionOS versions prior to 26 Description: A logging issue allowed an application to potentially acce...
PT-2025-37822
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 26 iPadOS versions prior to 26 macOS versions prior to Tahoe 26 tvOS versions prior to 26 watchOS versions prior to 26 visionOS versions prior to 26 Description: An application may be able to access sensitive user data d...