5.5
CVE-2025-31261 - Sandbox Permission Bypass Allowing Access to Protected User Data
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data.
5.5
CVE-2025-31231 - macOS Sequoia Location Permissions Issue Exposing Sensitive Data
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to read sensitive location information.
5.5
CVE-2025-31199 - Logging Vulnerability Exposing Sensitive User Data on Apple Operating Systems
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.8.2, visionOS 2.4. An app may be able to access sensitive user data.
4.6
CVE-2025-31264 - Authentication Bypass on Locked macOS Devices Allows Viewing Sensitive User Information
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.
5.5
CVE-2025-31198 - macOS Symlink Path Validation Vulnerability
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A path handling issue was addressed with improved validation.
8.2
CVE-2025-31189 - File quarantine bypass may enable sandbox escape in macOS
A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to break out of its sandbox.
9.1
CVE-2025-31263 - Coprocessor Memory Corruption via Improper Memory Handling
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to corrupt coprocessor memory.
6.9
CVE-2025-5330 - FreeFloat FTP Server RETR Command buffer overflow
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component RETR Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and mβ¦
5.3
CVE-2025-5328 - chshcms mccms Backups.php restore_del path traversal
A vulnerability was found in chshcms mccms 2.7. It has been declared as critical. This vulnerability affects the function restore_del of the file /sys/apps/controllers/admin/Backups.php. The manipulation of the argument dirs leads to path traversal. The attack can be initiated remotely. The exploitβ¦
5.3
CVE-2025-5327 - chshcms mccms Gf.php index server-side request forgery
A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of the file sys/apps/controllers/api/Gf.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit hasβ¦