6.5
CVE-2025-31217 - Unexpected Safari Crash Due to Improper Input Validation
The issue was addressed with improved input validation. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
7.5
CVE-2025-31240 - AFP Share Malicious Crafting Triggers System Crash on macOS
This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. Mounting a maliciously crafted AFP network share may lead to system termination.
6.5
CVE-2025-24222 - Malicious Web Content Crash Vulnerability
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5. Processing maliciously crafted web content may lead to an unexpected process crash.
7.5
CVE-2025-31237 - System Termination via Malicious AFP Share
This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. Mounting a maliciously crafted AFP network share may lead to system termination.
5.5
CVE-2025-31260 - macOS Sequoia Permissions Issue Exposing Sensitive User Data
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
7.5
CVE-2025-31221 - Integer Overflow Memory Leak in Apple Operating Systems
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. A remote attacker may be able to leak memory.
7.5
CVE-2025-31247 - Improper Access Control in macOS State Management Enables File System Access
A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An attacker may gain access to protected parts of the file system.
6.5
CVE-2025-31210 - Denial-of-Service Vulnerability in iOS/iPadOS Web Content Processor
The issue was addressed with improved UI. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. Processing web content may lead to a denial-of-service.
4.3
CVE-2025-31206 - webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
5.5
CVE-2025-30440 - macOS App Can Bypass ASLR Due to Overly Permissive Permissions
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to bypass ASLR.