Macos Security Vulnerabilities and Issues — Macos CVE List

Lucene search

AppleMacos

416 matches found

CVE•added 2025/01/27 10:15 p.m.•769 views

CVE-2025-24146

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Deleting a conversation in Messages may expose user contact information in system logging.

9.8CVSS5.7AI score0.00114EPSS

CVE•added 2025/01/27 10:15 p.m.•658 views

CVE-2025-24102

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to determine a user’s current location.

9.8CVSS5.8AI score0.00157EPSS

CVE•added 2025/01/27 10:15 p.m.•494 views

CVE-2025-24092

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read sensitive location information.

5.5CVSS5.7AI score0.00014EPSS

CVE•added 2025/03/11 6:15 p.m.•440 views

CVE-2025-24201

An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Malic...

8.8CVSS7.8AI score0.00049EPSS

In wild

CVE•added 2025/01/27 10:15 p.m.•437 views

CVE-2025-24159

A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS6.9AI score0.0005EPSS

CVE•added 2025/01/27 10:15 p.m.•425 views

CVE-2025-24158

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service.

6.5CVSS5.7AI score0.00182EPSS

CVE•added 2025/01/27 10:15 p.m.•391 views

CVE-2025-24154

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. An attacker may be able to cause unexpected system termination or corrupt kernel memory.

9.1CVSS5.9AI score0.00152EPSS

CVE•added 2025/01/27 10:15 p.m.•387 views

CVE-2025-24174

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to bypass Privacy preferences.

7.7CVSS6AI score0.00023EPSS

CVE•added 2025/01/27 10:15 p.m.•385 views

CVE-2025-24149

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to disclosure of user information.

5.5CVSS5.6AI score0.00021EPSS

CVE•added 2025/01/27 10:15 p.m.•377 views

CVE-2025-24151

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or corrupt kernel memory.

5.5CVSS6AI score0.00018EPSS

CVE•added 2025/01/27 10:15 p.m.•374 views

CVE-2025-24123

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

6.5CVSS5.7AI score0.00051EPSS

CVE•added 2025/01/27 10:15 p.m.•358 views

CVE-2025-24109

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access sensitive user data.

9.8CVSS5.9AI score0.00044EPSS

CVE•added 2025/01/27 10:15 p.m.•353 views

CVE-2025-24085

A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been activ...

7.8CVSS5.8AI score0.0986EPSS

In wild

CVE•added 2025/01/27 10:15 p.m.•330 views

CVE-2025-24115

A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read files outside of its sandbox.

6.3CVSS5.8AI score0.00017EPSS

CVE•added 2025/01/27 10:15 p.m.•329 views

CVE-2024-54478

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to an unexpected process cra...

6.5CVSS5.9AI score0.00133EPSS

CVE•added 2025/04/16 7:15 p.m.•310 views

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report ...

6.8CVSS6.7AI score0.00303EPSS

In wild

CVE•added 2025/01/27 10:15 p.m.•291 views

CVE-2025-24124

5.5CVSS5.7AI score0.00025EPSS

CVE•added 2025/04/29 3:15 a.m.•287 views

CVE-2025-24252

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory.

9.8CVSS7.7AI score0.00031EPSS

CVE•added 2025/01/27 10:15 p.m.•280 views

CVE-2025-24130

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system.

9.8CVSS5.9AI score0.00037EPSS

CVE•added 2025/01/27 10:15 p.m.•279 views

CVE-2025-24122

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system.

5.5CVSS6AI score0.00016EPSS

CVE•added 2025/01/27 10:15 p.m.•279 views

CVE-2025-24139

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a maliciously crafted file may lead to an unexpected app termination.

7.8CVSS6AI score0.00019EPSS

CVE•added 2025/01/27 10:15 p.m.•270 views

CVE-2025-24106

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination.

6.5CVSS6AI score0.00039EPSS

CVE•added 2025/01/27 10:15 p.m.•261 views

CVE-2025-24093

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3. An app may be able to access removable volumes without user consent.

9.8CVSS6AI score0.00107EPSS

CVE•added 2025/01/27 10:15 p.m.•252 views

CVE-2025-24103

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access protected user data.

9.8CVSS5.9AI score0.00062EPSS

CVE•added 2025/01/27 10:15 p.m.•241 views

CVE-2025-24138

This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A malicious application may be able to leak sensitive user information.

5.5CVSS5.9AI score0.00017EPSS

CVE•added 2025/04/16 7:15 p.m.•218 views

CVE-2025-31201

This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that th...

7.5CVSS5.6AI score0.0019EPSS

In wild

CVE•added 2025/01/27 10:15 p.m.•214 views

CVE-2025-24126

An input validation issue was addressed. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker on the local network may be able to cause unexpected system termination or corrupt process memory.

9.8CVSS6AI score0.00135EPSS

CVE•added 2025/06/16 10:16 p.m.•206 views

CVE-2025-43200

This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed whe...

4.8CVSS5.8AI score0.00137EPSS

In wild

CVE•added 2025/02/10 7:15 p.m.•182 views

CVE-2024-54658

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service.

6.5CVSS6.4AI score0.00152EPSS

CVE•added 2025/01/27 10:15 p.m.•160 views

CVE-2025-24150

A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection.

8.8CVSS6.1AI score0.00195EPSS

CVE•added 2025/08/21 1:15 a.m.•158 views

CVE-2025-43300

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a repo...

8.8CVSS5.9AI score0.0172EPSS

In wild

CVE•added 2025/03/31 11:15 p.m.•155 views

CVE-2025-30427

A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.3CVSS5.9AI score0.00075EPSS

CVE•added 2025/05/12 10:15 p.m.•153 views

CVE-2025-31257

This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.7CVSS5.8AI score0.00083EPSS

CVE•added 2025/01/27 10:15 p.m.•145 views

CVE-2025-24162

This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash.

6.5CVSS6AI score0.0023EPSS

CVE•added 2025/05/12 10:15 p.m.•141 views

CVE-2025-31258

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.

6.5CVSS6.2AI score0.00015EPSS

CVE•added 2025/03/31 11:15 p.m.•137 views

CVE-2025-24203

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to modify protected parts of the file system.

5CVSS5.8AI score0.00005EPSS

CVE•added 2025/01/27 10:15 p.m.•135 views

CVE-2025-24118

The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory.

9.8CVSS6AI score0.06447EPSS

CVE•added 2025/01/27 10:15 p.m.•130 views

CVE-2025-24163

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

5.5CVSS5.7AI score0.00025EPSS

CVE•added 2025/03/21 12:15 a.m.•128 views

CVE-2024-54551

The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service.

7.5CVSS5.8AI score0.00229EPSS

CVE•added 2025/03/31 11:15 p.m.•125 views

CVE-2025-24264

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

9.8CVSS5.5AI score0.00113EPSS

CVE•added 2025/03/31 11:15 p.m.•124 views

CVE-2025-24216

4.3CVSS5.5AI score0.00064EPSS

CVE•added 2025/03/31 11:15 p.m.•122 views

CVE-2025-24209

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may lead to an unexpected process crash.

7CVSS6.4AI score0.00089EPSS

CVE•added 2025/03/10 7:15 p.m.•118 views

CVE-2024-44192

The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash.

6.5CVSS5.8AI score0.00097EPSS

CVE•added 2025/01/27 10:15 p.m.•116 views

CVE-2024-54543

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption.

8.8CVSS5.9AI score0.00173EPSS

CVE•added 2025/03/31 11:15 p.m.•116 views

CVE-2025-24213

This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.5, Safari 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5. A type confusion issue could lead to memory corruption.

7.8CVSS7.5AI score0.0002EPSS

CVE•added 2025/05/12 10:15 p.m.•115 views

CVE-2025-31205

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin.

6.5CVSS5.7AI score0.00025EPSS

CVE•added 2025/03/10 7:15 p.m.•110 views

CVE-2024-54467

A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.

6.5CVSS5.6AI score0.00082EPSS

CVE•added 2025/01/27 10:15 p.m.•107 views

CVE-2025-24137

A type confusion issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected application termination or arbitrary code execution.

8CVSS7.2AI score0.00163EPSS

CVE•added 2025/01/27 10:15 p.m.•107 views

CVE-2025-24143

The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user.

6.5CVSS5.5AI score0.00082EPSS

CVE•added 2025/01/15 8:15 p.m.•105 views

CVE-2024-27856

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, tvOS 17.5, visionOS 1.2. Processing a file may lead to unexpected app termination or arbitrary code execution.

7.8CVSS6.6AI score0.00051EPSS

Total number of security vulnerabilities416