Filtered by vendor Apple
Subscriptions
Total
13046 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-43252 | 1 Apple | 2 Macos, Macos Sequoia | 2025-11-03 | 6.5 Medium |
| This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15.6. A website may be able to access sensitive user data when resolving symlinks. | ||||
| CVE-2025-43251 | 1 Apple | 2 Macos, Macos Sequoia | 2025-11-03 | 5.5 Medium |
| An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.6. A local attacker may gain access to Keychain items. | ||||
| CVE-2025-43248 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-11-03 | 7.8 High |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to gain root privileges. | ||||
| CVE-2025-43239 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2025-11-03 | 7.1 High |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Processing a maliciously crafted file may lead to unexpected app termination. | ||||
| CVE-2025-43237 | 1 Apple | 2 Macos, Macos Sequoia | 2025-11-03 | 9.8 Critical |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause unexpected system termination. | ||||
| CVE-2025-43235 | 1 Apple | 2 Macos, Macos Sequoia | 2025-11-03 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause a denial-of-service. | ||||
| CVE-2025-43225 | 1 Apple | 5 Ipados, Macos, Macos Sequoia and 2 more | 2025-11-03 | 5.5 Medium |
| A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to access sensitive user data. | ||||
| CVE-2025-43224 | 1 Apple | 7 Ios, Ipados, Iphone Os and 4 more | 2025-11-03 | 7.1 High |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2025-43221 | 1 Apple | 7 Ios, Ipados, Iphone Os and 4 more | 2025-11-03 | 7.1 High |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, visionOS 2.6, tvOS 18.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2025-43218 | 1 Apple | 2 Macos, Macos Sequoia | 2025-11-03 | 5.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted USD file may disclose memory contents. | ||||
| CVE-2025-43215 | 1 Apple | 2 Macos, Macos Sequoia | 2025-11-03 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may result in disclosure of process memory. | ||||
| CVE-2025-43188 | 1 Apple | 2 Macos, Macos Sequoia | 2025-11-03 | 7.8 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges. | ||||
| CVE-2025-43185 | 1 Apple | 2 Macos, Macos Sequoia | 2025-11-03 | 5.5 Medium |
| A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6. An app may be able to access protected user data. | ||||
| CVE-2025-36047 | 4 Apple, Ibm, Linux and 1 more | 7 Macos, Aix, I and 4 more | 2025-11-03 | 5.3 Medium |
| IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. | ||||
| CVE-2025-31280 | 1 Apple | 2 Macos, Sequoia | 2025-11-03 | 7.8 High |
| A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted file may lead to heap corruption. | ||||
| CVE-2025-31275 | 1 Apple | 1 Macos | 2025-11-03 | 6.2 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to launch any installed app. | ||||
| CVE-2025-31229 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-03 | 9.1 Critical |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 18.6 and iPadOS 18.6. Passcode may be read aloud by VoiceOver. | ||||
| CVE-2025-24119 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2025-11-03 | 7.8 High |
| This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | ||||
| CVE-2025-54257 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-11-03 | 7.8 High |
| Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file, and scope is unchanged. | ||||
| CVE-2025-43375 | 1 Apple | 1 Xcode | 2025-11-03 | 7.5 High |
| The issue was addressed with improved checks. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process. | ||||