6.2
CVE-2025-31218 - Exposure of Hostnames for New Network Connections
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to observe the hostnames of new network connections.
8.2
CVE-2025-31234 - Improper Input Sanitization Leading to Kernel Memory Corruption in Apple Systems
The issue was addressed with improved input sanitization. This issue is fixed in iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
7.8
CVE-2025-31222 - Privilege Escalation via Incorrect Privilege Assignment
A correctness issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. A user may be able to elevate privileges.
8.1
CVE-2025-31214 - Potential Network Traffic Interception via Improper State Management in iOS/iPadOS
This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker in a privileged network position may be able to intercept network traffic.
7.3
CVE-2025-31238 - Memory Corruption via Malicious Web Content in Apple Safari and iOS Ecosystem
The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption.
4.3
CVE-2025-31239 - Use-After-Free Leading to App Termination via File Parsing
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. Parsing a file may lead to an unexpected app termination.
5.5
CVE-2025-31242 - Apple Privacy Issue Allowing App Access to Sensitive Data via Log Entries
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.3, macOS Sonoma 14.7.6, macOS Ventura 13.7.3, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. An appโฆ
7.8
CVE-2025-30453 - macOS Privilege Escalation via Improper Permission Checks
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. A malicious app may be able to gain root privileges.
6.5
CVE-2025-31215 - webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected process crash.
5.5
CVE-2025-24144 - Kernel State Information Disclosure Across Multiple Apple Platforms
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to leak sensitive kernel state.