1.3
CVE-2025-46825 - Kanboard has stored Cross-site Scripting vulnerability in project name
Kanboard is project management software that focuses on the Kanban methodology. Versions 1.2.26 through 1.2.44 have a Stored Cross-Site Scripting (XSS) Vulnerability in the `name` parameter of the `http://localhost/?controller=ProjectCreationController&action=create` form. This vulnerability allowsβ¦
5.5
CVE-2025-31220 - Sensitive Location Data Exposure via Malicious App
A privacy issue was addressed by removing sensitive data. This issue is fixed in iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. A malicious app may be able to read sensitive location information.
7.8
CVE-2025-24258 - Privilege Escalation via Permissions Bypass on macOS
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to gain root privileges.
5.5
CVE-2025-31236 - macOS Improper Privacy Controls Leading to Information Disclosure
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
8
CVE-2025-24223 - webkitgtk: Processing maliciously crafted web content may lead to memory corruption
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption.
7.8
CVE-2025-24274 - macOS Input Validation Vulnerability Enabling Root Privilege Escalation
An input validation issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. A malicious app may be able to gain root privileges.
5.3
CVE-2025-31241 - Remote Application Termination via Double Free in Apple OS
A double free issue was addressed with improved memory management. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. A remote attacker may cause an unexpected app termination.
4.7
CVE-2025-31257 - webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
This issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
5.5
CVE-2025-31256 - Hot Corner Reveals Deleted Notes in macOS
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a userβs deleted notes.
5.5
CVE-2025-24111 - Memory Corruption Leading to Unexpected System Termination Across Apple Operating Systems
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to cause unexpected system termination.