Macos@* Security Vulnerabilities and Issues — Page 54 of Macos@* CVE List

5.5CVSS6.1AI score0.00037EPSS

CVE-2024-23237

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause a denial-of-service.

6.1CVSS5.8AI score0.00031EPSS

CVE-2024-40826

A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using print preview.

5.5CVSS6.1AI score0.00053EPSS

CVE-2024-40842

An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.

7.8CVSS6.5AI score0.00026EPSS

CVE-2024-40861

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may be able to gain root privileges.

4.4CVSS6.2AI score0.00049EPSS

CVE-2024-44130

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15. An app with root privileges may be able to access private information.

5.5CVSS5.7AI score0.00193EPSS

CVE-2024-44131

This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data.

10CVSS6.2AI score0.00236EPSS

CVE-2024-44148

This issue was addressed with improved validation of file attributes. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.

cve•added 2025/03/10 7:15 p.m.•35 views

CVE-2024-54473

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.

5.5CVSS5.8AI score0.00021EPSS

cve•added 2025/05/12 10:15 p.m.•35 views

CVE-2025-31226

A logic issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5. Processing a maliciously crafted image may lead to a denial-of-service.

5.5CVSS5.7AI score0.00015EPSS

cve•added 2025/07/30 12:15 a.m.•35 views

CVE-2025-43211

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing web content may lead to a denial-of-service.

6.2CVSS5.3AI score0.00017EPSS

cve•added 2024/01/10 10:15 p.m.•34 views

CVE-2022-48577

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data.

5.5CVSS5.2AI score0.0015EPSS

cve•added 2023/09/06 2:15 a.m.•34 views

CVE-2023-28210

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.

7.8CVSS7.2AI score0.00083EPSS

cve•added 2023/09/06 2:15 a.m.•34 views

CVE-2023-28211

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.

7.8CVSS7.2AI score0.00083EPSS

cve•added 2024/09/17 12:15 a.m.•34 views

CVE-2024-44132

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.

8.8CVSS6.2AI score0.00058EPSS

cve•added 2024/10/28 9:15 p.m.•34 views

CVE-2024-44203

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access a user's Photos Library.

7.5CVSS5.6AI score0.00101EPSS

cve•added 2024/10/28 9:15 p.m.•33 views

CVE-2024-27849

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information.

3.3CVSS5.4AI score0.00048EPSS

cve•added 2025/05/12 10:15 p.m.•33 views

CVE-2025-30442

The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to gain elevated privileges.

7.8CVSS6.2AI score0.00024EPSS

cve•added 2024/01/10 10:15 p.m.•32 views

CVE-2022-47965

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.5AI score0.00106EPSS

cve•added 2024/09/17 12:15 a.m.•32 views

CVE-2024-40831

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access a user's Photos Library.

5.5CVSS6.2AI score0.00036EPSS

cve•added 2024/10/28 9:15 p.m.•32 views

CVE-2024-44174

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An attacker may be able to view restricted content from the lock screen.

5.5CVSS5.5AI score0.00053EPSS

cve•added 2025/05/12 10:15 p.m.•30 views

CVE-2025-31195

The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandbox.

6.3CVSS6.3AI score0.00017EPSS

cve•added 2025/05/19 4:15 p.m.•23 views

CVE-2025-24184

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to cause unexpected system termination.

5.5CVSS5.3AI score0.0001EPSS

cve•added 2025/05/19 4:15 p.m.•21 views

CVE-2025-24183

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A local user may be able to modify protected parts of the file system.

5.5CVSS5.3AI score0.00014EPSS

cve•added 2025/05/19 4:15 p.m.•20 views

CVE-2025-31262

A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to modify protected parts of the file system.

5.5CVSS5.3AI score0.00008EPSS

cve•added 2025/07/30 12:15 a.m.•20 views

CVE-2025-43186

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, visionOS 2.6, macOS Ventura 13.7.7. Parsing a file may lead to an unexpected app termination.

9.8CVSS5.7AI score0.00092EPSS

cve•added 2025/08/29 1:15 a.m.•19 views

CVE-2025-43187

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. Running an hdiutil command may unexpectedly execute arbitrary code.

7.8CVSS6.5AI score0.00013EPSS

cve•added 2025/08/29 1:15 a.m.•19 views

CVE-2025-43255

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Sequoia 15.6, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.

3.3CVSS5.4AI score0.00012EPSS

cve•added 2025/07/30 12:15 a.m.•14 views

CVE-2025-31277

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.

8.8CVSS5.4AI score0.0005EPSS

cve•added 2025/08/29 1:15 a.m.•14 views

CVE-2025-43268

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges.

7.8CVSS6AI score0.00011EPSS

7.8CVSS6.4AI score0.00013EPSS

CVE-2025-31243

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. An app may be able to gain root privileges.

6.2CVSS5.5AI score0.00032EPSS

CVE-2025-43191

A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause a denial-of-service.

7.1CVSS5.8AI score0.00013EPSS

CVE-2025-43221

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, visionOS 2.6, tvOS 18.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

9.8CVSS6.3AI score0.00066EPSS

CVE-2025-43222

A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An attacker may be able to cause unexpected app termination.

4CVSS5.7AI score0.00016EPSS

CVE-2025-43226

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, tvOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, visionOS 2.6. Processing a maliciously crafted image may result in disclosure of process memory.

9.8CVSS6.1AI score0.00061EPSS

CVE-2025-43232

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to bypass certain Privacy preferences.

9.8CVSS5.4AI score0.00059EPSS

CVE-2025-43233

This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app acting as a HTTPS proxy could get access to sensitive user data.

5.5CVSS6AI score0.00013EPSS

CVE-2025-43241

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to read files outside of its sandbox.

9.8CVSS5.9AI score0.00055EPSS

CVE-2025-43244

A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.

7.8CVSS6.2AI score0.00012EPSS

CVE-2025-43248

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to gain root privileges.

6.5CVSS6.2AI score0.00039EPSS

CVE-2025-43252

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15.6. A website may be able to access sensitive user data when resolving symlinks.

7.1CVSS5.6AI score0.00013EPSS

CVE-2025-43254

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. Processing a maliciously crafted file may lead to unexpected app termination.

7.8CVSS5.8AI score0.00015EPSS

CVE-2025-43277

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, watchOS 11.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted audio file may lead to memory corruption.

9.8CVSS6AI score0.0005EPSS

CVE-2025-31279

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to fingerprint the user.

9.1CVSS5.8AI score0.00162EPSS

CVE-2025-31281

An input validation issue was addressed with improved memory handling. This issue is fixed in visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6. Processing a maliciously crafted file may lead to unexpected app termination.

7.8CVSS6.4AI score0.00016EPSS

CVE-2025-43188

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges.