9.8

CVSS3.1

CVE-2025-46279 - Information Disclosure of Installed Apps via Permission Misconfiguration

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. An app may be able to identify what other apps a user has installed.

πŸ“… Published: Dec. 17, 2025, 8:47 p.m. πŸ”„ Last Modified: April 22, 2026, 8:30 p.m.

5.5

CVSS3.1

CVE-2025-46291 - Gatekeeper Bypass in macOS Tahoe

A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An app may bypass Gatekeeper checks.

πŸ“… Published: Dec. 17, 2025, 8:47 p.m. πŸ”„ Last Modified: April 22, 2026, 8:30 p.m.

5.7

CVSS3.1

CVE-2025-43533 - Malicious HID Device Triggers Process Crash via Bounds Checking Error on Apple Operating Systems

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.

πŸ“… Published: Dec. 17, 2025, 8:46 p.m. πŸ”„ Last Modified: April 27, 2026, 10:15 p.m.

5.5

CVSS3.1

CVE-2025-43475 - User‑Sensitive Data Leakage via Improper Log Redaction in iOS/iPadOS

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data.

πŸ“… Published: Dec. 17, 2025, 8:46 p.m. πŸ”„ Last Modified: April 22, 2026, 8:30 p.m.

9.8

CVSS3.1

CVE-2025-43526 - Unauthorized Web API Access via File URL in Safari Lockdown Mode

This issue was addressed with improved URL validation. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted.

πŸ“… Published: Dec. 17, 2025, 8:46 p.m. πŸ”„ Last Modified: April 27, 2026, 10:15 p.m.

5.5

CVSS3.1

CVE-2025-46288 - Apple OS Permission Issue Allowing Access to Payment Tokens

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. An app may be able to access sensitive payment tokens.

πŸ“… Published: Dec. 17, 2025, 8:46 p.m. πŸ”„ Last Modified: April 22, 2026, 8:30 p.m.

3.7

CVSS3.1

CVE-2025-55254 - HCL BigFix Remote Control is vulnerable to a Path-relative stylesheet import (PRSSI)

Improper management of Path-relative stylesheet import in HCL BigFix Remote Control Lite Web Portal (versions 10.1.0.0326 and lower) may allow to execute malicious code in certain web pages.

πŸ“… Published: Dec. 17, 2025, 8:46 p.m. πŸ”„ Last Modified: Jan. 6, 2026, 7:56 p.m.

5.5

CVSS3.1

CVE-2025-46292 - iOS/iPadOS Entitlement Check Bypass Leading to Data Exposure

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data.

πŸ“… Published: Dec. 17, 2025, 8:46 p.m. πŸ”„ Last Modified: April 22, 2026, 8:30 p.m.

9.8

CVSS3.1

CVE-2025-43428 - Hidden Photos Visible Without Authentication

A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Photos in the Hidden Photos Album may be viewed without authentication.

πŸ“… Published: Dec. 17, 2025, 8:46 p.m. πŸ”„ Last Modified: April 22, 2026, 8:30 p.m.

5.5

CVSS3.1

CVE-2025-46283 - Logic Error Allows Application to Access Sensitive User Data on macOS

A logic issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.8.4, macOS Tahoe 26.2. An app may be able to access sensitive user data.

πŸ“… Published: Dec. 17, 2025, 8:46 p.m. πŸ”„ Last Modified: April 27, 2026, 10:15 p.m.
Total resulsts: 349182
Page 2549 of 34,919
Β« previous page Β» next page
Filters