Macos Security Vulnerabilities and Issues — Macos CVE List

Lucene search

AppleMacos

331 matches found

CVE•added 2025/01/27 10:15 p.m.•768 views

CVE-2025-24146

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Deleting a conversation in Messages may expose user contact information in system logging.

9.8CVSS5.7AI score0.0009EPSS

CVE•added 2025/01/27 10:15 p.m.•657 views

CVE-2025-24102

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to determine a user’s current location.

9.8CVSS5.8AI score0.00122EPSS

CVE•added 2025/01/27 10:15 p.m.•493 views

CVE-2025-24092

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read sensitive location information.

5.5CVSS5.7AI score0.00013EPSS

CVE•added 2025/01/27 10:15 p.m.•435 views

CVE-2025-24159

A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS6.9AI score0.00044EPSS

CVE•added 2025/01/27 10:15 p.m.•411 views

CVE-2025-24158

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service.

6.5CVSS5.7AI score0.00141EPSS

CVE•added 2025/03/11 6:15 p.m.•392 views

CVE-2025-24201

An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Malic...

8.8CVSS7.8AI score0.00063EPSS

CVE•added 2025/01/27 10:15 p.m.•390 views

CVE-2025-24154

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. An attacker may be able to cause unexpected system termination or corrupt kernel memory.

9.1CVSS5.9AI score0.00117EPSS

CVE•added 2025/01/27 10:15 p.m.•386 views

CVE-2025-24174

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to bypass Privacy preferences.

7.7CVSS6AI score0.0002EPSS

CVE•added 2025/01/27 10:15 p.m.•383 views

CVE-2025-24149

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to disclosure of user information.

5.5CVSS5.6AI score0.00019EPSS

CVE•added 2025/01/27 10:15 p.m.•376 views

CVE-2025-24151

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or corrupt kernel memory.

5.5CVSS6AI score0.00017EPSS

CVE•added 2025/01/27 10:15 p.m.•373 views

CVE-2025-24123

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

6.5CVSS5.7AI score0.00045EPSS

CVE•added 2025/01/27 10:15 p.m.•357 views

CVE-2025-24109

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access sensitive user data.

9.8CVSS5.9AI score0.00039EPSS

CVE•added 2025/01/27 10:15 p.m.•328 views

CVE-2025-24115

A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read files outside of its sandbox.

6.3CVSS5.8AI score0.00015EPSS

CVE•added 2025/01/27 10:15 p.m.•327 views

CVE-2024-54478

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to an unexpected process cra...

6.5CVSS5.9AI score0.00104EPSS

CVE•added 2025/01/27 10:15 p.m.•318 views

CVE-2025-24085

A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been activ...

7.8CVSS5.8AI score0.0986EPSS

CVE•added 2025/01/27 10:15 p.m.•290 views

CVE-2025-24124

5.5CVSS5.7AI score0.00022EPSS

CVE•added 2025/01/27 10:15 p.m.•279 views

CVE-2025-24130

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system.

9.8CVSS5.9AI score0.00033EPSS

CVE•added 2025/01/27 10:15 p.m.•278 views

CVE-2025-24122

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system.

5.5CVSS6AI score0.00015EPSS

CVE•added 2025/01/27 10:15 p.m.•277 views

CVE-2025-24139

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a maliciously crafted file may lead to an unexpected app termination.

7.8CVSS6AI score0.00017EPSS

CVE•added 2025/04/16 7:15 p.m.•271 views

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report ...

6.8CVSS6.7AI score0.00326EPSS

CVE•added 2025/01/27 10:15 p.m.•269 views

CVE-2025-24106

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination.

6.5CVSS6AI score0.00036EPSS

CVE•added 2025/04/29 3:15 a.m.•263 views

CVE-2025-24252

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory.

9.8CVSS7.7AI score0.00026EPSS

CVE•added 2025/01/27 10:15 p.m.•260 views

CVE-2025-24093

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3. An app may be able to access removable volumes without user consent.

9.8CVSS6AI score0.00084EPSS

CVE•added 2025/01/27 10:15 p.m.•249 views

CVE-2025-24103

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access protected user data.

9.8CVSS5.9AI score0.00055EPSS

CVE•added 2025/01/27 10:15 p.m.•240 views

CVE-2025-24138

This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A malicious application may be able to leak sensitive user information.

5.5CVSS5.9AI score0.00015EPSS

CVE•added 2025/01/27 10:15 p.m.•212 views

CVE-2025-24126

An input validation issue was addressed. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker on the local network may be able to cause unexpected system termination or corrupt process memory.

9.8CVSS6AI score0.00105EPSS

CVE•added 2025/04/16 7:15 p.m.•185 views

CVE-2025-31201

This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that th...

7.5CVSS5.6AI score0.00201EPSS

CVE•added 2025/06/16 10:16 p.m.•173 views

CVE-2025-43200

This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed whe...

4.8CVSS5.8AI score0.00474EPSS

CVE•added 2025/02/10 7:15 p.m.•167 views

CVE-2024-54658

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service.

6.5CVSS6.4AI score0.00132EPSS

CVE•added 2025/01/27 10:15 p.m.•146 views

CVE-2025-24150

A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection.

8.8CVSS6.1AI score0.00155EPSS

CVE•added 2025/01/27 10:15 p.m.•132 views

CVE-2025-24162

This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash.

6.5CVSS6AI score0.00179EPSS

CVE•added 2025/01/27 10:15 p.m.•131 views

CVE-2025-24118

The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory.

9.8CVSS6AI score0.06447EPSS

CVE•added 2025/01/27 10:15 p.m.•129 views

CVE-2025-24163

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

5.5CVSS5.7AI score0.00022EPSS

CVE•added 2025/05/12 10:15 p.m.•127 views

CVE-2025-31258

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.

6.5CVSS6.2AI score0.00015EPSS

CVE•added 2025/03/31 11:15 p.m.•125 views

CVE-2025-30427

A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.3CVSS5.9AI score0.00083EPSS

CVE•added 2025/05/12 10:15 p.m.•124 views

CVE-2025-31257

This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.7CVSS5.8AI score0.00083EPSS

CVE•added 2025/03/31 11:15 p.m.•122 views

CVE-2025-24203

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to modify protected parts of the file system.

5CVSS5.8AI score0.00006EPSS

CVE•added 2025/01/27 10:15 p.m.•106 views

CVE-2025-24137

A type confusion issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected application termination or arbitrary code execution.

8CVSS7.2AI score0.00127EPSS

CVE•added 2025/01/27 10:15 p.m.•104 views

CVE-2024-54543

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption.

8.8CVSS5.9AI score0.00135EPSS

CVE•added 2025/01/27 10:15 p.m.•100 views

CVE-2025-24135

This issue was addressed with improved message validation. This issue is fixed in macOS Sequoia 15.3. An app may be able to gain elevated privileges.

7.8CVSS6.2AI score0.00021EPSS

CVE•added 2025/03/31 11:15 p.m.•99 views

CVE-2025-24264

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

9.8CVSS5.5AI score0.00099EPSS

CVE•added 2025/03/21 12:15 a.m.•98 views

CVE-2024-54551

The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service.

7.5CVSS5.8AI score0.00219EPSS

CVE•added 2025/03/31 11:15 p.m.•95 views

CVE-2025-24216

4.3CVSS5.5AI score0.00071EPSS

CVE•added 2025/01/27 10:15 p.m.•94 views

CVE-2025-24134

An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.3. An app may be able to access user-sensitive data.

5.5CVSS5.5AI score0.00021EPSS

CVE•added 2025/03/31 11:15 p.m.•94 views

CVE-2025-24209

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may lead to an unexpected process crash.

7CVSS6.4AI score0.00104EPSS

CVE•added 2025/01/27 10:15 p.m.•93 views

CVE-2025-24143

The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user.

6.5CVSS5.5AI score0.00064EPSS

CVE•added 2025/01/27 10:15 p.m.•92 views

CVE-2024-54468

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to break out of its sandbox.

8.2CVSS5.7AI score0.00019EPSS

CVE•added 2025/03/31 11:15 p.m.•90 views

CVE-2025-24213

This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.5, Safari 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5. A type confusion issue could lead to memory corruption.

7.8CVSS7.5AI score0.00019EPSS

CVE•added 2025/01/15 8:15 p.m.•89 views

CVE-2024-27856

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, tvOS 17.5, visionOS 1.2. Processing a file may lead to unexpected app termination or arbitrary code execution.

7.8CVSS6.6AI score0.00045EPSS

CVE•added 2025/01/27 10:15 p.m.•85 views

CVE-2024-54542

An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, macOS Sequoia 15.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2. Private Browsing tabs may be accessed without authentication.

9.1CVSS5.9AI score0.00319EPSS

Total number of security vulnerabilities331