3.3
CVE-2025-24145 - App Exposure of Contact Phone Numbers via System Log Redaction Failure
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. An app may be able to view a contact's phone number in system logs.
6.7
CVE-2025-24153 - Kernel Buffer Overflow Enables Root-Privileged Code Execution in macOS
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3. An app with root privileges may be able to execute arbitrary code with kernel privileges.
5.5
CVE-2025-24104 -
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4. Restoring a maliciously crafted backup file may lead to modification of protected system files.
7.8
CVE-2024-54517 -
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.
4.3
CVE-2025-24128 - Address Bar Spoofing Vulnerability in Apple Safari, iOS, iPadOS, and macOS
The issue was addressed by adding additional logic. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. Visiting a malicious website may lead to address bar spoofing.
4
CVE-2025-24094 - Race Condition in macOS Enabling Unauthorized Access to User Sensitive Data
A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access user-sensitive data.
7.5
CVE-2025-24169 - Logging Redaction Flaw Allowing Sensitive Data Exposure and Extension Authentication Bypass
A logging issue was addressed with improved data redaction. This issue is fixed in Safari 18.3, macOS Sequoia 15.3. A malicious app may be able to bypass browser extension authentication.
7.5
CVE-2024-54557 -
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An attacker may gain access to protected parts of the file system.
7.5
CVE-2025-24129 - Local Network Type Confusion Exploit Causes Application Crash
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may cause an unexpected app termination.
3.3
CVE-2024-54516 -
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. An app may be able to approve a launch daemon without user consent.