9.8
CVE-2025-24211 - Memory Handling Vulnerability in Video Processing Causing App Termination or Memory Corruption
This issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. Processing a maliciously crafted video file may lead to unexpected app termination or corruβ¦
9.8
CVE-2025-24246 -
An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access user-sensitive data.
4.6
CVE-2025-30439 - Physical Access Information Disclosure on Apple Devices
The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. An attacker with physical access to a locked device may be able to view sensitive user information.
8.1
CVE-2025-24180 - Malicious Website May Claim WebAuthn Credentials via Shared Registrable Suffix
The issue was addressed with improved input validation. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix.
9.8
CVE-2025-24231 - Vulnerability Allowing Modification of Protected File System on macOS
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to modify protected parts of the file system.
9.8
CVE-2025-24266 - Buffer Overflow Causing Unexpected System Termination in macOS
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
9.8
CVE-2025-30458 - Sandbox Bypass Enabling Unauthorized File Read in macOS
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to read files outside of its sandbox.
9.8
CVE-2025-30462 - macOS Library Injection Flaw Allows App Sandbox Bypass
A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Apps that appear to use App Sandbox may be able to launch without restrictions.
5.5
CVE-2025-30435 - Information Disclosure via Sandbox Log Access in macOS
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.4. A sandboxed app may be able to access sensitive user data in system logs.
5
CVE-2025-30434 - CrossβSite Scripting via Malicious File Processing in iOSΒ 18 and iPadOSΒ 18
The issue was addressed with improved input sanitization. This issue is fixed in iOS 18.4 and iPadOS 18.4. Processing a maliciously crafted file may lead to a cross site scripting attack.