Search criteria
128 vulnerabilities found for ipados by apple
CERTFR-2026-AVI-0158
Vulnerability from certfr_avis - Published: 2026-02-12 - Updated: 2026-02-12
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Apple indique que la vulnérabilité CVE-2026-20700 est activement exploitée.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | iOS | iOS versions antérieures à 26.3 | ||
| Apple | iPadOS | iPadOS versions antérieures à 18.7.5 | ||
| Apple | macOS | macOS Sequoia versions antérieures à 15.7.4 | ||
| Apple | Safari | Safari versions antérieures à 26.3 | ||
| Apple | iOS | iOS versions antérieures à 18.7.5 | ||
| Apple | N/A | watchOS versions antérieures à 26.3 | ||
| Apple | macOS | macOS Sonoma versions antérieures à 14.8.4 | ||
| Apple | N/A | tvOS versions antérieures à 26.3 | ||
| Apple | macOS | macOS Tahoe versions antérieures à 26.3 | ||
| Apple | iPadOS | iPadOS versions antérieures à 26.3 | ||
| Apple | N/A | visionOS versions antérieures à 26.3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iOS versions ant\u00e9rieures \u00e0 26.3",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 18.7.5",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.7.4",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 26.3",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 18.7.5",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 26.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.8.4",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 26.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Tahoe versions ant\u00e9rieures \u00e0 26.3",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 26.3",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "visionOS versions ant\u00e9rieures \u00e0 26.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-20624",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20624"
},
{
"name": "CVE-2026-20652",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20652"
},
{
"name": "CVE-2026-20619",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20619"
},
{
"name": "CVE-2026-20606",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20606"
},
{
"name": "CVE-2026-20611",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20611"
},
{
"name": "CVE-2026-20617",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20617"
},
{
"name": "CVE-2025-43417",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43417"
},
{
"name": "CVE-2025-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46310"
},
{
"name": "CVE-2026-20625",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20625"
},
{
"name": "CVE-2026-20650",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20650"
},
{
"name": "CVE-2026-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20676"
},
{
"name": "CVE-2026-20626",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20626"
},
{
"name": "CVE-2026-20666",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20666"
},
{
"name": "CVE-2026-20662",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20662"
},
{
"name": "CVE-2025-43402",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43402"
},
{
"name": "CVE-2026-20658",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20658"
},
{
"name": "CVE-2026-20612",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20612"
},
{
"name": "CVE-2026-20655",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20655"
},
{
"name": "CVE-2026-20638",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20638"
},
{
"name": "CVE-2026-20682",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20682"
},
{
"name": "CVE-2026-20605",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20605"
},
{
"name": "CVE-2026-20674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20674"
},
{
"name": "CVE-2026-20642",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20642"
},
{
"name": "CVE-2026-20647",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20647"
},
{
"name": "CVE-2026-20628",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20628"
},
{
"name": "CVE-2026-20646",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20646"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2026-20608",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20608"
},
{
"name": "CVE-2026-20623",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20623"
},
{
"name": "CVE-2026-20615",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20615"
},
{
"name": "CVE-2026-20630",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20630"
},
{
"name": "CVE-2026-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20677"
},
{
"name": "CVE-2026-20680",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20680"
},
{
"name": "CVE-2026-20661",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20661"
},
{
"name": "CVE-2026-20654",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20654"
},
{
"name": "CVE-2026-20673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20673"
},
{
"name": "CVE-2026-20636",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20636"
},
{
"name": "CVE-2025-46305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46305"
},
{
"name": "CVE-2025-46283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46283"
},
{
"name": "CVE-2025-14174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14174"
},
{
"name": "CVE-2026-20635",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20635"
},
{
"name": "CVE-2025-46303",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46303"
},
{
"name": "CVE-2025-46301",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46301"
},
{
"name": "CVE-2026-20616",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20616"
},
{
"name": "CVE-2026-20653",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20653"
},
{
"name": "CVE-2026-20602",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20602"
},
{
"name": "CVE-2025-46300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46300"
},
{
"name": "CVE-2026-20656",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20656"
},
{
"name": "CVE-2026-20609",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20609"
},
{
"name": "CVE-2025-43338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43338"
},
{
"name": "CVE-2026-20627",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20627"
},
{
"name": "CVE-2026-20663",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20663"
},
{
"name": "CVE-2026-20621",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20621"
},
{
"name": "CVE-2026-20681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20681"
},
{
"name": "CVE-2026-20678",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20678"
},
{
"name": "CVE-2026-20667",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20667"
},
{
"name": "CVE-2025-43403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43403"
},
{
"name": "CVE-2026-20603",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20603"
},
{
"name": "CVE-2025-46304",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46304"
},
{
"name": "CVE-2025-43537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43537"
},
{
"name": "CVE-2026-20620",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20620"
},
{
"name": "CVE-2026-20644",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20644"
},
{
"name": "CVE-2025-43529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43529"
},
{
"name": "CVE-2025-46290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46290"
},
{
"name": "CVE-2026-20641",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20641"
},
{
"name": "CVE-2026-20649",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20649"
},
{
"name": "CVE-2025-46302",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46302"
},
{
"name": "CVE-2026-20660",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20660"
},
{
"name": "CVE-2026-20648",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20648"
},
{
"name": "CVE-2026-20671",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20671"
},
{
"name": "CVE-2026-20610",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20610"
},
{
"name": "CVE-2026-20618",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20618"
},
{
"name": "CVE-2026-20700",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20700"
},
{
"name": "CVE-2026-20640",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20640"
},
{
"name": "CVE-2026-20601",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20601"
},
{
"name": "CVE-2025-43533",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43533"
},
{
"name": "CVE-2026-20629",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20629"
},
{
"name": "CVE-2026-20634",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20634"
},
{
"name": "CVE-2026-20669",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20669"
},
{
"name": "CVE-2026-20645",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20645"
},
{
"name": "CVE-2026-20675",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20675"
},
{
"name": "CVE-2026-20614",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20614"
}
],
"initial_release_date": "2026-02-12T00:00:00",
"last_revision_date": "2026-02-12T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0158",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nApple indique que la vuln\u00e9rabilit\u00e9 CVE-2026-20700 est activement exploit\u00e9e.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2026-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 126346",
"url": "https://support.apple.com/en-us/126346"
},
{
"published_at": "2026-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 126353",
"url": "https://support.apple.com/en-us/126353"
},
{
"published_at": "2026-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 126347",
"url": "https://support.apple.com/en-us/126347"
},
{
"published_at": "2026-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 126352",
"url": "https://support.apple.com/en-us/126352"
},
{
"published_at": "2026-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 126348",
"url": "https://support.apple.com/en-us/126348"
},
{
"published_at": "2026-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 126349",
"url": "https://support.apple.com/en-us/126349"
},
{
"published_at": "2026-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 126351",
"url": "https://support.apple.com/en-us/126351"
},
{
"published_at": "2026-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 126350",
"url": "https://support.apple.com/en-us/126350"
},
{
"published_at": "2026-02-11",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 126354",
"url": "https://support.apple.com/en-us/126354"
}
]
}
CERTFR-2025-AVI-1110
Vulnerability from certfr_avis - Published: 2025-12-15 - Updated: 2025-12-15
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Apple indique que les vulnérabilités CVE-2025-14174 et CVE-2025-43529 sont activement exploitées.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | macOS | macOS Sonoma versions antérieures à 14.8.3 | ||
| Apple | watchOS | watchOS versions antérieures à 26.2 | ||
| Apple | iOS | iOS versions 26.x antérieures à 26.2 | ||
| Apple | macOS | macOS Tahoe versions antérieures à 26.2 | ||
| Apple | macOS | macOS Sequoia versions antérieures à 15.7.3 | ||
| Apple | tvOS | tvOS versions antérieures à 26.2 | ||
| Apple | Safari | Safari versions antérieures à 26.2 | ||
| Apple | iOS | iOS versions 18.7.x antérieures à 18.7.3 | ||
| Apple | iPadOS | iPadOS versions 18.7.x antérieures à 18.7.3 | ||
| Apple | visionOS | visionOS versions antérieures à 26.2 | ||
| Apple | iPadOS | iPadOS versions 26.x antérieures à 26.2 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.8.3",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 26.2",
"product": {
"name": "watchOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions 26.x ant\u00e9rieures \u00e0 26.2",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Tahoe versions ant\u00e9rieures \u00e0 26.2",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.7.3",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 26.2",
"product": {
"name": "tvOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 26.2",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions 18.7.x ant\u00e9rieures \u00e0 18.7.3",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions 18.7.x ant\u00e9rieures \u00e0 18.7.3",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "visionOS versions ant\u00e9rieures \u00e0 26.2",
"product": {
"name": "visionOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions 26.x ant\u00e9rieures \u00e0 26.2",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-43517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43517"
},
{
"name": "CVE-2025-46291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46291"
},
{
"name": "CVE-2025-46282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46282"
},
{
"name": "CVE-2025-46292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46292"
},
{
"name": "CVE-2025-43539",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43539"
},
{
"name": "CVE-2025-43320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43320"
},
{
"name": "CVE-2025-43536",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43536"
},
{
"name": "CVE-2025-43514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43514"
},
{
"name": "CVE-2025-46289",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46289"
},
{
"name": "CVE-2025-43511",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43511"
},
{
"name": "CVE-2025-46278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46278"
},
{
"name": "CVE-2025-43523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43523"
},
{
"name": "CVE-2024-8906",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8906"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-43513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43513"
},
{
"name": "CVE-2025-43522",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43522"
},
{
"name": "CVE-2025-46279",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46279"
},
{
"name": "CVE-2025-43416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43416"
},
{
"name": "CVE-2025-43410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43410"
},
{
"name": "CVE-2025-43475",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43475"
},
{
"name": "CVE-2025-43542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43542"
},
{
"name": "CVE-2025-46283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46283"
},
{
"name": "CVE-2025-14174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14174"
},
{
"name": "CVE-2025-43519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43519"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2025-43526",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43526"
},
{
"name": "CVE-2025-46277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46277"
},
{
"name": "CVE-2025-43518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43518"
},
{
"name": "CVE-2025-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43527"
},
{
"name": "CVE-2025-46285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46285"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-43482",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43482"
},
{
"name": "CVE-2025-43532",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43532"
},
{
"name": "CVE-2025-43538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43538"
},
{
"name": "CVE-2025-46288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46288"
},
{
"name": "CVE-2025-43541",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43541"
},
{
"name": "CVE-2025-43529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43529"
},
{
"name": "CVE-2025-43516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43516"
},
{
"name": "CVE-2025-46281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46281"
},
{
"name": "CVE-2025-43530",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43530"
},
{
"name": "CVE-2025-43501",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43501"
},
{
"name": "CVE-2025-46276",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46276"
},
{
"name": "CVE-2025-43533",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43533"
},
{
"name": "CVE-2025-43428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43428"
},
{
"name": "CVE-2025-43512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43512"
},
{
"name": "CVE-2025-43535",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43535"
},
{
"name": "CVE-2025-43521",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43521"
},
{
"name": "CVE-2025-43531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43531"
},
{
"name": "CVE-2025-46287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46287"
},
{
"name": "CVE-2025-43509",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43509"
},
{
"name": "CVE-2025-43463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43463"
}
],
"initial_release_date": "2025-12-15T00:00:00",
"last_revision_date": "2025-12-15T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1110",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nApple indique que les vuln\u00e9rabilit\u00e9s CVE-2025-14174 et CVE-2025-43529 sont activement exploit\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2025-12-12",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125887",
"url": "https://support.apple.com/en-us/125887"
},
{
"published_at": "2025-12-12",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125891",
"url": "https://support.apple.com/en-us/125891"
},
{
"published_at": "2025-12-12",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125884",
"url": "https://support.apple.com/en-us/125884"
},
{
"published_at": "2025-12-12",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125886",
"url": "https://support.apple.com/en-us/125886"
},
{
"published_at": "2025-12-12",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125885",
"url": "https://support.apple.com/en-us/125885"
},
{
"published_at": "2025-12-12",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125889",
"url": "https://support.apple.com/en-us/125889"
},
{
"published_at": "2025-12-12",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125890",
"url": "https://support.apple.com/en-us/125890"
},
{
"published_at": "2025-12-12",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125892",
"url": "https://support.apple.com/en-us/125892"
},
{
"published_at": "2025-12-12",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125888",
"url": "https://support.apple.com/en-us/125888"
}
]
}
CERTFR-2025-AVI-0974
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans Apple iOS et iPadOS. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 18.7.2",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 18.7.2",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-43441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43441"
},
{
"name": "CVE-2025-43443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43443"
},
{
"name": "CVE-2025-43448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43448"
},
{
"name": "CVE-2025-43431",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43431"
},
{
"name": "CVE-2025-43496",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43496"
},
{
"name": "CVE-2025-43450",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43450"
},
{
"name": "CVE-2025-43384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43384"
},
{
"name": "CVE-2025-43434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43434"
},
{
"name": "CVE-2025-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43503"
},
{
"name": "CVE-2025-43458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43458"
},
{
"name": "CVE-2025-43423",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43423"
},
{
"name": "CVE-2025-43392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43392"
},
{
"name": "CVE-2025-43386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43386"
},
{
"name": "CVE-2025-43493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43493"
},
{
"name": "CVE-2025-43418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43418"
},
{
"name": "CVE-2025-43435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43435"
},
{
"name": "CVE-2025-43442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43442"
},
{
"name": "CVE-2025-43377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43377"
},
{
"name": "CVE-2025-43438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43438"
},
{
"name": "CVE-2025-43429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43429"
},
{
"name": "CVE-2025-43385",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43385"
},
{
"name": "CVE-2025-43444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43444"
},
{
"name": "CVE-2025-43365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43365"
},
{
"name": "CVE-2025-43495",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43495"
},
{
"name": "CVE-2025-43499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43499"
},
{
"name": "CVE-2025-43445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43445"
},
{
"name": "CVE-2025-43399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43399"
},
{
"name": "CVE-2025-43383",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43383"
},
{
"name": "CVE-2025-43507",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43507"
},
{
"name": "CVE-2025-43433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43433"
},
{
"name": "CVE-2025-43454",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43454"
},
{
"name": "CVE-2025-43439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43439"
},
{
"name": "CVE-2025-43389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43389"
},
{
"name": "CVE-2025-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43398"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0974",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Apple iOS et iPadOS. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iOS et iPadOS",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125633",
"url": "https://support.apple.com/en-us/125633"
}
]
}
CERTFR-2025-AVI-0961
Vulnerability from certfr_avis - Published: 2025-11-04 - Updated: 2025-11-04
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | macOS | macOS Tahoe versions antérieures à 26.1 | ||
| Apple | iPadOS | iPadOS versions antérieures à 26.1 | ||
| Apple | macOS | macOS Sequoia versions antérieures à 15.7.2 | ||
| Apple | Safari | Safari versions antérieures à 26.1 | ||
| Apple | Xcode | Xcode versions antérieures à 26.1 | ||
| Apple | watchOS | watchOS versions antérieures à 26.1 | ||
| Apple | iOS | iOS versions antérieures à 26.1 | ||
| Apple | tvOS | tvOS versions antérieures à 26.1 | ||
| Apple | macOS | macOS Sonoma versions antérieures à 14.8.2 | ||
| Apple | visionOS | visionOS versions antérieures à 26.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "macOS Tahoe versions ant\u00e9rieures \u00e0 26.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 26.1",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.7.2",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 26.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Xcode versions ant\u00e9rieures \u00e0 26.1",
"product": {
"name": "Xcode",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 26.1",
"product": {
"name": "watchOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 26.1",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 26.1",
"product": {
"name": "tvOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.8.2",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "visionOS versions ant\u00e9rieures \u00e0 26.1",
"product": {
"name": "visionOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-43292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43292"
},
{
"name": "CVE-2025-43505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43505"
},
{
"name": "CVE-2025-43432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43432"
},
{
"name": "CVE-2025-43372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43372"
},
{
"name": "CVE-2025-43426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43426"
},
{
"name": "CVE-2025-43480",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43480"
},
{
"name": "CVE-2025-43449",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43449"
},
{
"name": "CVE-2025-43348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43348"
},
{
"name": "CVE-2025-43351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43351"
},
{
"name": "CVE-2025-43373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43373"
},
{
"name": "CVE-2025-43441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43441"
},
{
"name": "CVE-2025-43443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43443"
},
{
"name": "CVE-2025-43476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43476"
},
{
"name": "CVE-2025-30465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30465"
},
{
"name": "CVE-2025-43448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43448"
},
{
"name": "CVE-2025-43497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43497"
},
{
"name": "CVE-2025-43446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43446"
},
{
"name": "CVE-2025-43500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43500"
},
{
"name": "CVE-2025-43431",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43431"
},
{
"name": "CVE-2025-43452",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43452"
},
{
"name": "CVE-2025-43504",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43504"
},
{
"name": "CVE-2025-43467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43467"
},
{
"name": "CVE-2025-43496",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43496"
},
{
"name": "CVE-2025-43420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43420"
},
{
"name": "CVE-2025-43450",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43450"
},
{
"name": "CVE-2025-43406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43406"
},
{
"name": "CVE-2025-43402",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43402"
},
{
"name": "CVE-2025-43384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43384"
},
{
"name": "CVE-2025-43434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43434"
},
{
"name": "CVE-2025-43422",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43422"
},
{
"name": "CVE-2025-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43503"
},
{
"name": "CVE-2025-43502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43502"
},
{
"name": "CVE-2025-43440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43440"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2025-43427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43427"
},
{
"name": "CVE-2025-43394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43394"
},
{
"name": "CVE-2025-43335",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43335"
},
{
"name": "CVE-2025-43458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43458"
},
{
"name": "CVE-2025-43411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43411"
},
{
"name": "CVE-2025-43469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43469"
},
{
"name": "CVE-2025-43498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43498"
},
{
"name": "CVE-2025-43424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43424"
},
{
"name": "CVE-2025-43423",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43423"
},
{
"name": "CVE-2025-43472",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43472"
},
{
"name": "CVE-2025-43459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43459"
},
{
"name": "CVE-2025-43392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43392"
},
{
"name": "CVE-2025-43462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43462"
},
{
"name": "CVE-2025-43401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43401"
},
{
"name": "CVE-2025-43386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43386"
},
{
"name": "CVE-2025-43493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43493"
},
{
"name": "CVE-2025-43481",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43481"
},
{
"name": "CVE-2025-43405",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43405"
},
{
"name": "CVE-2025-43506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43506"
},
{
"name": "CVE-2025-43322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43322"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-43400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43400"
},
{
"name": "CVE-2025-43468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43468"
},
{
"name": "CVE-2025-43395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43395"
},
{
"name": "CVE-2025-43421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43421"
},
{
"name": "CVE-2025-43435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43435"
},
{
"name": "CVE-2025-43464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43464"
},
{
"name": "CVE-2025-43442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43442"
},
{
"name": "CVE-2025-43377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43377"
},
{
"name": "CVE-2025-43438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43438"
},
{
"name": "CVE-2025-43460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43460"
},
{
"name": "CVE-2025-43429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43429"
},
{
"name": "CVE-2025-43407",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43407"
},
{
"name": "CVE-2025-43334",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43334"
},
{
"name": "CVE-2025-43414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43414"
},
{
"name": "CVE-2025-43385",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43385"
},
{
"name": "CVE-2025-43444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43444"
},
{
"name": "CVE-2025-43404",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43404"
},
{
"name": "CVE-2025-43495",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43495"
},
{
"name": "CVE-2025-43465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43465"
},
{
"name": "CVE-2025-43461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43461"
},
{
"name": "CVE-2025-43294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43294"
},
{
"name": "CVE-2025-43390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43390"
},
{
"name": "CVE-2025-43499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43499"
},
{
"name": "CVE-2025-43350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43350"
},
{
"name": "CVE-2025-43391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43391"
},
{
"name": "CVE-2025-43378",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43378"
},
{
"name": "CVE-2025-43473",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43473"
},
{
"name": "CVE-2025-43445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43445"
},
{
"name": "CVE-2025-43338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43338"
},
{
"name": "CVE-2025-43409",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43409"
},
{
"name": "CVE-2025-43399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43399"
},
{
"name": "CVE-2025-43383",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43383"
},
{
"name": "CVE-2025-43474",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43474"
},
{
"name": "CVE-2025-43471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43471"
},
{
"name": "CVE-2025-43387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43387"
},
{
"name": "CVE-2025-43479",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43479"
},
{
"name": "CVE-2025-43447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43447"
},
{
"name": "CVE-2025-43477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43477"
},
{
"name": "CVE-2025-43413",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43413"
},
{
"name": "CVE-2025-43507",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43507"
},
{
"name": "CVE-2025-43336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43336"
},
{
"name": "CVE-2025-43433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43433"
},
{
"name": "CVE-2025-43430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43430"
},
{
"name": "CVE-2025-43337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43337"
},
{
"name": "CVE-2025-43380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43380"
},
{
"name": "CVE-2025-43397",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43397"
},
{
"name": "CVE-2025-43455",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43455"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-43412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43412"
},
{
"name": "CVE-2025-43388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43388"
},
{
"name": "CVE-2025-43396",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43396"
},
{
"name": "CVE-2025-43454",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43454"
},
{
"name": "CVE-2025-43439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43439"
},
{
"name": "CVE-2025-43381",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43381"
},
{
"name": "CVE-2025-43382",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43382"
},
{
"name": "CVE-2025-43466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43466"
},
{
"name": "CVE-2025-43364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43364"
},
{
"name": "CVE-2025-43393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43393"
},
{
"name": "CVE-2025-43389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43389"
},
{
"name": "CVE-2025-43457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43457"
},
{
"name": "CVE-2025-43361",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43361"
},
{
"name": "CVE-2025-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43398"
},
{
"name": "CVE-2025-31199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31199"
},
{
"name": "CVE-2025-43408",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43408"
},
{
"name": "CVE-2025-43379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43379"
},
{
"name": "CVE-2025-6442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6442"
},
{
"name": "CVE-2025-43425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43425"
},
{
"name": "CVE-2025-43478",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43478"
},
{
"name": "CVE-2025-43436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43436"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2025-43463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43463"
}
],
"initial_release_date": "2025-11-04T00:00:00",
"last_revision_date": "2025-11-04T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0961",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125639",
"url": "https://support.apple.com/en-us/125639"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125640",
"url": "https://support.apple.com/en-us/125640"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125634",
"url": "https://support.apple.com/en-us/125634"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125632",
"url": "https://support.apple.com/en-us/125632"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125638",
"url": "https://support.apple.com/en-us/125638"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125635",
"url": "https://support.apple.com/en-us/125635"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125641",
"url": "https://support.apple.com/en-us/125641"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125636",
"url": "https://support.apple.com/en-us/125636"
},
{
"published_at": "2025-11-03",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125637",
"url": "https://support.apple.com/en-us/125637"
}
]
}
CERTFR-2025-AVI-0831
Vulnerability from certfr_avis - Published: 2025-09-30 - Updated: 2025-09-30
Une vulnérabilité a été découverte dans les produits Apple. Elle permet à un attaquant de provoquer un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | iPadOS | iPadOS versions antérieures à 26.0.1 | ||
| Apple | iOS | iOS versions antérieures à 18.7.1 | ||
| Apple | macOS | macOS Tahoe versions antérieures à 26.0.1 | ||
| Apple | macOS | macOS Sonoma versions antérieures à 14.8.1 | ||
| Apple | iPadOS | iPadOS versions antérieures à 18.7.1 | ||
| Apple | iOS | iOS versions antérieures à 26.0.1 | ||
| Apple | visionOS | visionOS versions antérieures à 26.0.1 | ||
| Apple | macOS | macOS Sequoia versions antérieures à 15.7.1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 26.0.1",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 18.7.1",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Tahoe versions ant\u00e9rieures \u00e0 26.0.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.8.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 18.7.1",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 26.0.1",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "visionOS versions ant\u00e9rieures \u00e0 26.0.1",
"product": {
"name": "visionOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.7.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-43400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43400"
}
],
"initial_release_date": "2025-09-30T00:00:00",
"last_revision_date": "2025-09-30T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0831",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Apple. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2025-09-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125327",
"url": "https://support.apple.com/en-us/125327"
},
{
"published_at": "2025-09-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125330",
"url": "https://support.apple.com/en-us/125330"
},
{
"published_at": "2025-09-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125329",
"url": "https://support.apple.com/en-us/125329"
},
{
"published_at": "2025-09-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125338",
"url": "https://support.apple.com/en-us/125338"
},
{
"published_at": "2025-09-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125328",
"url": "https://support.apple.com/en-us/125328"
},
{
"published_at": "2025-09-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125326",
"url": "https://support.apple.com/en-us/125326"
}
]
}
CERTFR-2025-AVI-0791
Vulnerability from certfr_avis - Published: 2025-09-16 - Updated: 2025-09-16
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Apple indique que la vulnérabilité CVE-2025-43300 est activement exploitée.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | iPadOS | iPadOS versions antérieures à 26 | ||
| Apple | watchOS | watchOS versions antérieures à 26 | ||
| Apple | iOS | iOS versions 16.x antérieures à 16.7.12 | ||
| Apple | macOS | macOS Sonoma versions antérieures à 14.8 | ||
| Apple | tvOS | tvOS versions antérieures à 26 | ||
| Apple | macOS | macOS Sequoia versions antérieures à 15.7 | ||
| Apple | iOS | iOS versions antérieures à 26 | ||
| Apple | iOS | iOS versions 15.x antérieures à 15.8.5 | ||
| Apple | iOS | iOS versions 18.x antérieures à 18.7 | ||
| Apple | visionOS | visionOS versions antérieures à 26 | ||
| Apple | Xcode | Xcode versions antérieures à 26 | ||
| Apple | Safari | Safari versions antérieures à 26 | ||
| Apple | iPadOS | iPadOS versions 15.x antérieures à 15.8.5 | ||
| Apple | iPadOS | iPadOS versions 16.x antérieures à 16.7.12 | ||
| Apple | macOS | macOS Tahoe versions antérieures à 26 | ||
| Apple | iPadOS | iPadOS versions 18.x antérieures à 18.7 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 26",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 26",
"product": {
"name": "watchOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions 16.x ant\u00e9rieures \u00e0 16.7.12",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.8",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 26",
"product": {
"name": "tvOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.7",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 26",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions 15.x ant\u00e9rieures \u00e0 15.8.5",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions 18.x ant\u00e9rieures \u00e0 18.7",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "visionOS versions ant\u00e9rieures \u00e0 26",
"product": {
"name": "visionOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Xcode versions ant\u00e9rieures \u00e0 26",
"product": {
"name": "Xcode",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 26",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions 15.x ant\u00e9rieures \u00e0 15.8.5",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions 16.x ant\u00e9rieures \u00e0 16.7.12",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Tahoe versions ant\u00e9rieures \u00e0 26",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions 18.x ant\u00e9rieures \u00e0 18.7",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-43292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43292"
},
{
"name": "CVE-2025-43372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43372"
},
{
"name": "CVE-2025-43332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43332"
},
{
"name": "CVE-2025-31270",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31270"
},
{
"name": "CVE-2025-43362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43362"
},
{
"name": "CVE-2025-43319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43319"
},
{
"name": "CVE-2025-43340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43340"
},
{
"name": "CVE-2025-43327",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43327"
},
{
"name": "CVE-2025-30468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30468"
},
{
"name": "CVE-2025-43359",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43359"
},
{
"name": "CVE-2025-43262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43262"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-31269",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31269"
},
{
"name": "CVE-2025-43354",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43354"
},
{
"name": "CVE-2025-43326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43326"
},
{
"name": "CVE-2025-43204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43204"
},
{
"name": "CVE-2025-43273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43273"
},
{
"name": "CVE-2025-43347",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43347"
},
{
"name": "CVE-2025-43302",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43302"
},
{
"name": "CVE-2025-43321",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43321"
},
{
"name": "CVE-2025-31254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31254"
},
{
"name": "CVE-2025-43299",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43299"
},
{
"name": "CVE-2025-43316",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43316"
},
{
"name": "CVE-2025-43263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43263"
},
{
"name": "CVE-2025-31255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31255"
},
{
"name": "CVE-2025-43375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43375"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-43355",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43355"
},
{
"name": "CVE-2025-43207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43207"
},
{
"name": "CVE-2025-43285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43285"
},
{
"name": "CVE-2025-43370",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43370"
},
{
"name": "CVE-2025-43312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43312"
},
{
"name": "CVE-2025-43317",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43317"
},
{
"name": "CVE-2025-31271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31271"
},
{
"name": "CVE-2025-43208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43208"
},
{
"name": "CVE-2025-43283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43283"
},
{
"name": "CVE-2025-48384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48384"
},
{
"name": "CVE-2025-43277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43277"
},
{
"name": "CVE-2025-43325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43325"
},
{
"name": "CVE-2025-43231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43231"
},
{
"name": "CVE-2025-24197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24197"
},
{
"name": "CVE-2025-43358",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43358"
},
{
"name": "CVE-2025-43328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43328"
},
{
"name": "CVE-2025-43368",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43368"
},
{
"name": "CVE-2025-43315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43315"
},
{
"name": "CVE-2025-43331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43331"
},
{
"name": "CVE-2025-43310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43310"
},
{
"name": "CVE-2025-43333",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43333"
},
{
"name": "CVE-2025-43203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43203"
},
{
"name": "CVE-2025-43307",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43307"
},
{
"name": "CVE-2025-43297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43297"
},
{
"name": "CVE-2025-43190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43190"
},
{
"name": "CVE-2025-24088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24088"
},
{
"name": "CVE-2025-43293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43293"
},
{
"name": "CVE-2025-43343",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43343"
},
{
"name": "CVE-2025-43294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43294"
},
{
"name": "CVE-2025-43286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43286"
},
{
"name": "CVE-2025-43353",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43353"
},
{
"name": "CVE-2025-43356",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43356"
},
{
"name": "CVE-2025-43330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43330"
},
{
"name": "CVE-2025-43272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43272"
},
{
"name": "CVE-2025-31259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31259"
},
{
"name": "CVE-2025-31268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31268"
},
{
"name": "CVE-2025-43366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43366"
},
{
"name": "CVE-2025-43298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43298"
},
{
"name": "CVE-2025-43369",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43369"
},
{
"name": "CVE-2025-43308",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43308"
},
{
"name": "CVE-2025-43346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43346"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-43337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43337"
},
{
"name": "CVE-2025-24133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24133"
},
{
"name": "CVE-2025-43279",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43279"
},
{
"name": "CVE-2025-43314",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43314"
},
{
"name": "CVE-2025-43300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43300"
},
{
"name": "CVE-2025-43342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43342"
},
{
"name": "CVE-2025-43349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43349"
},
{
"name": "CVE-2025-43341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43341"
},
{
"name": "CVE-2025-43301",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43301"
},
{
"name": "CVE-2025-43318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43318"
},
{
"name": "CVE-2025-43344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43344"
},
{
"name": "CVE-2025-43311",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43311"
},
{
"name": "CVE-2025-43287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43287"
},
{
"name": "CVE-2025-43303",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43303"
},
{
"name": "CVE-2025-43304",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43304"
},
{
"name": "CVE-2025-43291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43291"
},
{
"name": "CVE-2025-43329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43329"
},
{
"name": "CVE-2025-43357",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43357"
},
{
"name": "CVE-2025-43367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43367"
},
{
"name": "CVE-2025-43371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43371"
},
{
"name": "CVE-2025-43295",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43295"
},
{
"name": "CVE-2025-43305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43305"
}
],
"initial_release_date": "2025-09-16T00:00:00",
"last_revision_date": "2025-09-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0791",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nApple indique que la vuln\u00e9rabilit\u00e9 CVE-2025-43300 est activement exploit\u00e9e.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125112",
"url": "https://support.apple.com/en-us/125112"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125116",
"url": "https://support.apple.com/en-us/125116"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125110",
"url": "https://support.apple.com/en-us/125110"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125115",
"url": "https://support.apple.com/en-us/125115"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125141",
"url": "https://support.apple.com/en-us/125141"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125117",
"url": "https://support.apple.com/en-us/125117"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125114",
"url": "https://support.apple.com/en-us/125114"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125108",
"url": "https://support.apple.com/en-us/125108"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125111",
"url": "https://support.apple.com/en-us/125111"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125109",
"url": "https://support.apple.com/en-us/125109"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125142",
"url": "https://support.apple.com/en-us/125142"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 125113",
"url": "https://support.apple.com/en-us/125113"
}
]
}
CERTFR-2025-AVI-0716
Vulnerability from certfr_avis - Published: 2025-08-21 - Updated: 2025-08-21
Une vulnérabilité a été découverte dans les produits Apple. Elle permet à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Apple indique que la vulnérabilité CVE-2025-43300 est activement exploitée dans le cadre d'attaques ciblées.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | macOS | macOS Sonoma versions antérieures à 14.7.8 | ||
| Apple | iPadOS | iPadOS versions antérieures à 17.7.10 | ||
| Apple | iOS | iOS versions antérieures à 18.6.2 | ||
| Apple | iPadOS | iPadOS versions antérieures à 18.6.2 | ||
| Apple | macOS | macOS Ventura versions antérieures à 13.7.8 | ||
| Apple | macOS | macOS Sequoia versions antérieures à 15.6.1 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.7.8",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 17.7.10",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 18.6.2",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 18.6.2",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Ventura versions ant\u00e9rieures \u00e0 13.7.8",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.6.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-43300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43300"
}
],
"initial_release_date": "2025-08-21T00:00:00",
"last_revision_date": "2025-08-21T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0716",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-21T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Apple. Elle permet \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n\nApple indique que la vuln\u00e9rabilit\u00e9 CVE-2025-43300 est activement exploit\u00e9e dans le cadre d\u0027attaques cibl\u00e9es.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2025-08-20",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124925",
"url": "https://support.apple.com/en-us/124925"
},
{
"published_at": "2025-08-20",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124928",
"url": "https://support.apple.com/en-us/124928"
},
{
"published_at": "2025-08-20",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124926",
"url": "https://support.apple.com/en-us/124926"
},
{
"published_at": "2025-08-20",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124929",
"url": "https://support.apple.com/en-us/124929"
},
{
"published_at": "2025-08-20",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124927",
"url": "https://support.apple.com/en-us/124927"
}
]
}
CERTFR-2025-AVI-0640
Vulnerability from certfr_avis - Published: 2025-07-30 - Updated: 2025-07-31
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.
Google indique que la vulnérabilité CVE-2025-6558 est activement exploitée.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | tvOS versions antérieures à 18.6 | ||
| Apple | iOS | iOS versions antérieures à 18.6 | ||
| Apple | N/A | visionOS versions antérieures à 2.6 | ||
| Apple | iPadOS | iPadOS versions 18.x antérieures à 18.6 | ||
| Apple | macOS | macOS Sequoia versions antérieures à 15.6 | ||
| Apple | iPadOS | iPadOS versions antérieures à 17.7.9 | ||
| Apple | macOS | macOS Ventura versions antérieures à 13.7.7 | ||
| Apple | macOS | macOS Sonoma versions antérieures à 14.7.7 | ||
| Apple | N/A | watchOS versions antérieures à 11.6 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "tvOS versions ant\u00e9rieures \u00e0 18.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 18.6",
"product": {
"name": "iOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "visionOS versions ant\u00e9rieures \u00e0 2.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions 18.x ant\u00e9rieures \u00e0 18.6",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.6",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 17.7.9",
"product": {
"name": "iPadOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Ventura versions ant\u00e9rieures \u00e0 13.7.7",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.7.7",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 11.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-24224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24224"
},
{
"name": "CVE-2025-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43241"
},
{
"name": "CVE-2025-31277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31277"
},
{
"name": "CVE-2025-43206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43206"
},
{
"name": "CVE-2025-43222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43222"
},
{
"name": "CVE-2025-43251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43251"
},
{
"name": "CVE-2025-31273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31273"
},
{
"name": "CVE-2025-43191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43191"
},
{
"name": "CVE-2025-43189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43189"
},
{
"name": "CVE-2025-43234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43234"
},
{
"name": "CVE-2025-43254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43254"
},
{
"name": "CVE-2025-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43245"
},
{
"name": "CVE-2025-43214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43214"
},
{
"name": "CVE-2025-43212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43212"
},
{
"name": "CVE-2025-43274",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43274"
},
{
"name": "CVE-2025-43192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43192"
},
{
"name": "CVE-2025-43266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43266"
},
{
"name": "CVE-2025-43273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43273"
},
{
"name": "CVE-2025-43275",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43275"
},
{
"name": "CVE-2025-43224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43224"
},
{
"name": "CVE-2025-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43252"
},
{
"name": "CVE-2025-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43239"
},
{
"name": "CVE-2025-43197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43197"
},
{
"name": "CVE-2025-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43235"
},
{
"name": "CVE-2025-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43243"
},
{
"name": "CVE-2025-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43240"
},
{
"name": "CVE-2025-43256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43256"
},
{
"name": "CVE-2025-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43236"
},
{
"name": "CVE-2025-31279",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31279"
},
{
"name": "CVE-2025-43202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43202"
},
{
"name": "CVE-2025-43259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43259"
},
{
"name": "CVE-2025-43270",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43270"
},
{
"name": "CVE-2025-43210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43210"
},
{
"name": "CVE-2025-43193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43193"
},
{
"name": "CVE-2025-43227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43227"
},
{
"name": "CVE-2025-31278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31278"
},
{
"name": "CVE-2025-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43237"
},
{
"name": "CVE-2025-43225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43225"
},
{
"name": "CVE-2025-31243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31243"
},
{
"name": "CVE-2025-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43253"
},
{
"name": "CVE-2025-43217",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43217"
},
{
"name": "CVE-2025-43257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43257"
},
{
"name": "CVE-2025-43277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43277"
},
{
"name": "CVE-2025-31281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31281"
},
{
"name": "CVE-2025-43219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43219"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2025-43233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43233"
},
{
"name": "CVE-2025-24220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24220"
},
{
"name": "CVE-2025-24119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24119"
},
{
"name": "CVE-2025-31275",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31275"
},
{
"name": "CVE-2025-31229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31229"
},
{
"name": "CVE-2025-43199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43199"
},
{
"name": "CVE-2025-43220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43220"
},
{
"name": "CVE-2025-31280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31280"
},
{
"name": "CVE-2025-43255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43255"
},
{
"name": "CVE-2025-43229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43229"
},
{
"name": "CVE-2025-43211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43211"
},
{
"name": "CVE-2025-43209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43209"
},
{
"name": "CVE-2025-43186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43186"
},
{
"name": "CVE-2025-6558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
},
{
"name": "CVE-2025-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43249"
},
{
"name": "CVE-2025-43228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43228"
},
{
"name": "CVE-2025-43188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43188"
},
{
"name": "CVE-2025-43265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43265"
},
{
"name": "CVE-2025-43264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43264"
},
{
"name": "CVE-2025-43268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43268"
},
{
"name": "CVE-2025-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43248"
},
{
"name": "CVE-2025-43247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43247"
},
{
"name": "CVE-2025-43213",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43213"
},
{
"name": "CVE-2025-43216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43216"
},
{
"name": "CVE-2025-43232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43232"
},
{
"name": "CVE-2025-31276",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31276"
},
{
"name": "CVE-2025-43261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43261"
},
{
"name": "CVE-2025-43276",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43276"
},
{
"name": "CVE-2025-43226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43226"
},
{
"name": "CVE-2025-43223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43223"
},
{
"name": "CVE-2025-43246",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43246"
},
{
"name": "CVE-2025-43260",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43260"
},
{
"name": "CVE-2025-43215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43215"
},
{
"name": "CVE-2025-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43238"
},
{
"name": "CVE-2025-43198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43198"
},
{
"name": "CVE-2025-43230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43230"
},
{
"name": "CVE-2025-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43250"
},
{
"name": "CVE-2025-43196",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43196"
},
{
"name": "CVE-2025-43218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43218"
},
{
"name": "CVE-2025-24188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24188"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-43194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43194"
},
{
"name": "CVE-2025-43267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43267"
},
{
"name": "CVE-2025-43195",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43195"
},
{
"name": "CVE-2025-43185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43185"
},
{
"name": "CVE-2025-43184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43184"
},
{
"name": "CVE-2025-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43244"
},
{
"name": "CVE-2025-43187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43187"
},
{
"name": "CVE-2025-43221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43221"
}
],
"initial_release_date": "2025-07-30T00:00:00",
"last_revision_date": "2025-07-31T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0640",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-30T00:00:00.000000"
},
{
"description": "Google indique que la vuln\u00e9rabilit\u00e9 CVE-2025-6558 est activement exploit\u00e9e.",
"revision_date": "2025-07-31T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nGoogle indique que la vuln\u00e9rabilit\u00e9 CVE-2025-6558 est activement exploit\u00e9e.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124150",
"url": "https://support.apple.com/en-us/124150"
},
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124155",
"url": "https://support.apple.com/en-us/124155"
},
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124149",
"url": "https://support.apple.com/en-us/124149"
},
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124151",
"url": "https://support.apple.com/en-us/124151"
},
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124147",
"url": "https://support.apple.com/en-us/124147"
},
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124153",
"url": "https://support.apple.com/en-us/124153"
},
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124154",
"url": "https://support.apple.com/en-us/124154"
},
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 Apple 124148",
"url": "https://support.apple.com/en-us/124148"
}
]
}
CVE-2025-31216 (GCVE-0-2025-31216)
Vulnerability from cvelistv5 – Published: 2025-11-21 21:22 – Updated: 2025-11-23 11:27
VLAI?
Summary
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. An attacker with physical access to a device may be able to override managed Wi-Fi profiles.
Severity ?
CWE
- An attacker with physical access to a device may be able to override managed Wi-Fi profiles
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | iPadOS |
Affected:
unspecified , < 17.7
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-31216",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-23T11:27:02.943850Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-23T11:27:13.980Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. An attacker with physical access to a device may be able to override managed Wi-Fi profiles."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An attacker with physical access to a device may be able to override managed Wi-Fi profiles",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T21:22:25.231Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/122405"
},
{
"url": "https://support.apple.com/en-us/122404"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-31216",
"datePublished": "2025-11-21T21:22:25.231Z",
"dateReserved": "2025-03-27T16:13:58.317Z",
"dateUpdated": "2025-11-23T11:27:13.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43374 (GCVE-0-2025-43374)
Vulnerability from cvelistv5 – Published: 2025-11-21 21:22 – Updated: 2025-11-23 11:29
VLAI?
Summary
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, macOS Sequoia 15.5, watchOS 11.5. An attacker in physical proximity may be able to cause an out-of-bounds read in kernel memory.
Severity ?
4.3 (Medium)
CWE
- An attacker in physical proximity may be able to cause an out-of-bounds read in kernel memory
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | macOS |
Affected:
unspecified , < 14.7
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-23T11:29:10.371858Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-23T11:29:17.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, macOS Sequoia 15.5, watchOS 11.5. An attacker in physical proximity may be able to cause an out-of-bounds read in kernel memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An attacker in physical proximity may be able to cause an out-of-bounds read in kernel memory",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T21:22:23.229Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/122069"
},
{
"url": "https://support.apple.com/en-us/122716"
},
{
"url": "https://support.apple.com/en-us/122405"
},
{
"url": "https://support.apple.com/en-us/122404"
},
{
"url": "https://support.apple.com/en-us/122721"
},
{
"url": "https://support.apple.com/en-us/122722"
},
{
"url": "https://support.apple.com/en-us/122070"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43374",
"datePublished": "2025-11-21T21:22:23.229Z",
"dateReserved": "2025-04-16T15:24:37.115Z",
"dateUpdated": "2025-11-23T11:29:17.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43282 (GCVE-0-2025-43282)
Vulnerability from cvelistv5 – Published: 2025-10-15 20:00 – Updated: 2025-10-15 20:40
VLAI?
Summary
A double free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, watchOS 11.6, tvOS 18.6, visionOS 2.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7, iPadOS 17.7.9. An app may be able to cause unexpected system termination.
Severity ?
5.5 (Medium)
CWE
- An app may be able to cause unexpected system termination
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iPadOS |
Affected:
unspecified , < 17.7
(custom)
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43282",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T20:39:59.623779Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "CWE-415 Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T20:40:40.805Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A double free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, watchOS 11.6, tvOS 18.6, visionOS 2.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7, iPadOS 17.7.9. An app may be able to cause unexpected system termination."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to cause unexpected system termination",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T20:00:49.228Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124153"
},
{
"url": "https://support.apple.com/en-us/124154"
},
{
"url": "https://support.apple.com/en-us/124155"
},
{
"url": "https://support.apple.com/en-us/124150"
},
{
"url": "https://support.apple.com/en-us/124147"
},
{
"url": "https://support.apple.com/en-us/124151"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43282",
"datePublished": "2025-10-15T20:00:49.228Z",
"dateReserved": "2025-04-16T15:24:37.101Z",
"dateUpdated": "2025-10-15T20:40:40.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43216 (GCVE-0-2025-43216)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:36 – Updated: 2025-11-04 21:10
VLAI?
Summary
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Severity ?
6.5 (Medium)
CWE
- Processing maliciously crafted web content may lead to an unexpected Safari crash
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | Safari |
Affected:
unspecified , < 18.6
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43216",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:23:42.071609Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T18:06:11.400Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:10:32.005Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Aug/0"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/36"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/35"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/32"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/30"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/02/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to an unexpected Safari crash",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T22:57:09.239Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124152"
},
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124153"
},
{
"url": "https://support.apple.com/en-us/124154"
},
{
"url": "https://support.apple.com/en-us/124155"
},
{
"url": "https://support.apple.com/en-us/124147"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43216",
"datePublished": "2025-07-29T23:36:05.488Z",
"dateReserved": "2025-04-16T15:24:37.089Z",
"dateUpdated": "2025-11-04T21:10:32.005Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43217 (GCVE-0-2025-43217)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:36 – Updated: 2025-11-03 20:00
VLAI?
Summary
The issue was addressed by adding additional logic. This issue is fixed in iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6. Privacy Indicators for microphone or camera access may not be correctly displayed.
Severity ?
4 (Medium)
CWE
- Privacy Indicators for microphone or camera access may not be correctly displayed
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | iPadOS |
Affected:
unspecified , < 17.7
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43217",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T14:46:04.375783Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T14:46:14.101Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:00:56.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/30"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed by adding additional logic. This issue is fixed in iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6. Privacy Indicators for microphone or camera access may not be correctly displayed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privacy Indicators for microphone or camera access may not be correctly displayed",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T23:54:52.992Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124147"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43217",
"datePublished": "2025-07-29T23:36:00.631Z",
"dateReserved": "2025-04-16T15:24:37.089Z",
"dateUpdated": "2025-11-03T20:00:56.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-31276 (GCVE-0-2025-31276)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:35 – Updated: 2025-11-03 19:52
VLAI?
Summary
This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Remote content may be loaded even when the 'Load Remote Images' setting is turned off.
Severity ?
5.3 (Medium)
CWE
- Remote content may be loaded even when the 'Load Remote Images' setting is turned off
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | iPadOS |
Affected:
unspecified , < 17.7
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-31276",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T15:01:40.281222Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T15:01:46.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:52:45.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Remote content may be loaded even when the \u0027Load Remote Images\u0027 setting is turned off."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote content may be loaded even when the \u0027Load Remote Images\u0027 setting is turned off",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T23:54:49.379Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124147"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-31276",
"datePublished": "2025-07-29T23:35:57.153Z",
"dateReserved": "2025-03-27T16:13:58.344Z",
"dateUpdated": "2025-11-03T19:52:45.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43230 (GCVE-0-2025-43230)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:35 – Updated: 2025-11-03 20:02
VLAI?
Summary
The issue was addressed with additional permissions checks. This issue is fixed in iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. An app may be able to access user-sensitive data.
Severity ?
4 (Medium)
CWE
- An app may be able to access user-sensitive data
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43230",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T17:15:32.019237Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T17:15:40.404Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:02:05.416Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/37"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/35"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/32"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/30"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with additional permissions checks. This issue is fixed in iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. An app may be able to access user-sensitive data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to access user-sensitive data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T23:54:40.457Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124153"
},
{
"url": "https://support.apple.com/en-us/124154"
},
{
"url": "https://support.apple.com/en-us/124155"
},
{
"url": "https://support.apple.com/en-us/124147"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43230",
"datePublished": "2025-07-29T23:35:52.786Z",
"dateReserved": "2025-04-16T15:24:37.091Z",
"dateUpdated": "2025-11-03T20:02:05.416Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43226 (GCVE-0-2025-43226)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:35 – Updated: 2025-11-03 20:01
VLAI?
Summary
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, tvOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, visionOS 2.6. Processing a maliciously crafted image may result in disclosure of process memory.
Severity ?
4 (Medium)
CWE
- Processing a maliciously crafted image may result in disclosure of process memory
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iPadOS |
Affected:
unspecified , < 17.7
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43226",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:31:06.332780Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T13:31:38.929Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:01:46.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/37"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/36"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/35"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/33"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/32"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/30"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, tvOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, visionOS 2.6. Processing a maliciously crafted image may result in disclosure of process memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may result in disclosure of process memory",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T23:35:51.980Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124153"
},
{
"url": "https://support.apple.com/en-us/124154"
},
{
"url": "https://support.apple.com/en-us/124155"
},
{
"url": "https://support.apple.com/en-us/124150"
},
{
"url": "https://support.apple.com/en-us/124147"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43226",
"datePublished": "2025-07-29T23:35:51.980Z",
"dateReserved": "2025-04-16T15:24:37.090Z",
"dateUpdated": "2025-11-03T20:01:46.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24224 (GCVE-0-2025-24224)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:35 – Updated: 2025-11-03 19:44
VLAI?
Summary
The issue was addressed with improved checks. This issue is fixed in tvOS 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.9, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5, macOS Ventura 13.7.7. A remote attacker may be able to cause unexpected system termination.
Severity ?
7.5 (High)
CWE
- A remote attacker may be able to cause unexpected system termination
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iPadOS |
Affected:
unspecified , < 17.7
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24224",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T17:56:40.270140Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T17:56:48.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:44:22.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/34"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in tvOS 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.9, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5, macOS Ventura 13.7.7. A remote attacker may be able to cause unexpected system termination."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may be able to cause unexpected system termination",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T23:35:50.861Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/122720"
},
{
"url": "https://support.apple.com/en-us/122716"
},
{
"url": "https://support.apple.com/en-us/122404"
},
{
"url": "https://support.apple.com/en-us/122721"
},
{
"url": "https://support.apple.com/en-us/122722"
},
{
"url": "https://support.apple.com/en-us/124151"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-24224",
"datePublished": "2025-07-29T23:35:50.861Z",
"dateReserved": "2025-01-17T00:00:45.004Z",
"dateUpdated": "2025-11-03T19:44:22.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43211 (GCVE-0-2025-43211)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:35 – Updated: 2025-11-04 21:10
VLAI?
Summary
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing web content may lead to a denial-of-service.
Severity ?
6.2 (Medium)
CWE
- Processing web content may lead to a denial-of-service
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | Safari |
Affected:
unspecified , < 18.6
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43211",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T18:06:53.396416Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T18:07:12.663Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:10:28.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Aug/0"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/36"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/32"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/02/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing web content may lead to a denial-of-service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing web content may lead to a denial-of-service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T22:57:07.203Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124152"
},
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124153"
},
{
"url": "https://support.apple.com/en-us/124154"
},
{
"url": "https://support.apple.com/en-us/124155"
},
{
"url": "https://support.apple.com/en-us/124147"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43211",
"datePublished": "2025-07-29T23:35:43.117Z",
"dateReserved": "2025-04-16T15:24:37.088Z",
"dateUpdated": "2025-11-04T21:10:28.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43209 (GCVE-0-2025-43209)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:35 – Updated: 2025-11-03 20:00
VLAI?
Summary
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, visionOS 2.6, macOS Ventura 13.7.7. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Severity ?
9.8 (Critical)
CWE
- Processing maliciously crafted web content may lead to an unexpected Safari crash
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iPadOS |
Affected:
unspecified , < 17.7
(custom)
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:25:26.617061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T18:07:32.762Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:00:19.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/37"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/36"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/34"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/33"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/32"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, visionOS 2.6, macOS Ventura 13.7.7. Processing maliciously crafted web content may lead to an unexpected Safari crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to an unexpected Safari crash",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T23:54:22.121Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124153"
},
{
"url": "https://support.apple.com/en-us/124154"
},
{
"url": "https://support.apple.com/en-us/124155"
},
{
"url": "https://support.apple.com/en-us/124150"
},
{
"url": "https://support.apple.com/en-us/124147"
},
{
"url": "https://support.apple.com/en-us/124151"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43209",
"datePublished": "2025-07-29T23:35:27.601Z",
"dateReserved": "2025-04-16T15:24:37.088Z",
"dateUpdated": "2025-11-03T20:00:19.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-31278 (GCVE-0-2025-31278)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:35 – Updated: 2025-11-04 21:10
VLAI?
Summary
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.
Severity ?
8.8 (High)
CWE
- Processing maliciously crafted web content may lead to memory corruption
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | Safari |
Affected:
unspecified , < 18.6
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-31278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-31T03:56:02.495080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-31T17:56:04.756Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:10:04.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Aug/0"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/36"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/32"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/02/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to memory corruption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T22:57:01.571Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124152"
},
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124153"
},
{
"url": "https://support.apple.com/en-us/124154"
},
{
"url": "https://support.apple.com/en-us/124155"
},
{
"url": "https://support.apple.com/en-us/124147"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-31278",
"datePublished": "2025-07-29T23:35:08.211Z",
"dateReserved": "2025-03-27T16:13:58.344Z",
"dateUpdated": "2025-11-04T21:10:04.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43220 (GCVE-0-2025-43220)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:29 – Updated: 2025-11-03 20:01
VLAI?
Summary
This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.
Severity ?
9.8 (Critical)
CWE
- An app may be able to access protected user data
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:28:10.388735Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-31T17:56:39.669Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:01:03.732Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/34"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/33"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/32"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to access protected user data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T23:36:06.551Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124150"
},
{
"url": "https://support.apple.com/en-us/124151"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43220",
"datePublished": "2025-07-29T23:29:28.537Z",
"dateReserved": "2025-04-16T15:24:37.090Z",
"dateUpdated": "2025-11-03T20:01:03.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43225 (GCVE-0-2025-43225)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:29 – Updated: 2025-11-03 20:01
VLAI?
Summary
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to access sensitive user data.
Severity ?
5.5 (Medium)
CWE
- An app may be able to access sensitive user data
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43225",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:29:30.932861Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-31T17:57:43.387Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:01:36.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/34"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/33"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/32"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to access sensitive user data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to access sensitive user data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T23:54:24.216Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124150"
},
{
"url": "https://support.apple.com/en-us/124151"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43225",
"datePublished": "2025-07-29T23:29:16.305Z",
"dateReserved": "2025-04-16T15:24:37.090Z",
"dateUpdated": "2025-11-03T20:01:36.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43222 (GCVE-0-2025-43222)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:29 – Updated: 2025-11-03 20:01
VLAI?
Summary
A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An attacker may be able to cause unexpected app termination.
Severity ?
9.8 (Critical)
CWE
- An attacker may be able to cause unexpected app termination
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43222",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:30:24.156845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-31T17:58:23.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:01:14.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/34"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/33"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/32"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An attacker may be able to cause unexpected app termination."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An attacker may be able to cause unexpected app termination",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T23:54:16.976Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124150"
},
{
"url": "https://support.apple.com/en-us/124151"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43222",
"datePublished": "2025-07-29T23:29:08.611Z",
"dateReserved": "2025-04-16T15:24:37.090Z",
"dateUpdated": "2025-11-03T20:01:14.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-31279 (GCVE-0-2025-31279)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:29 – Updated: 2025-11-03 19:53
VLAI?
Summary
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to fingerprint the user.
Severity ?
9.8 (Critical)
CWE
- An app may be able to fingerprint the user
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-31279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:31:08.708211Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-31T17:58:53.213Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:53:01.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/34"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/33"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/32"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to fingerprint the user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to fingerprint the user",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T23:54:08.924Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124150"
},
{
"url": "https://support.apple.com/en-us/124151"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-31279",
"datePublished": "2025-07-29T23:29:02.921Z",
"dateReserved": "2025-03-27T16:13:58.345Z",
"dateUpdated": "2025-11-03T19:53:01.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43223 (GCVE-0-2025-43223)
Vulnerability from cvelistv5 – Published: 2025-07-29 23:28 – Updated: 2025-11-03 20:01
VLAI?
Summary
A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.7, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. A non-privileged user may be able to modify restricted network settings.
Severity ?
7.5 (High)
CWE
- A non-privileged user may be able to modify restricted network settings
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iPadOS |
Affected:
unspecified , < 17.7
(custom)
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:19:26.285009Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T13:22:29.855Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:01:24.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/37"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/36"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/35"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/33"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/32"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/31"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/30"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.7, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. A non-privileged user may be able to modify restricted network settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A non-privileged user may be able to modify restricted network settings",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T23:28:53.779Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/124148"
},
{
"url": "https://support.apple.com/en-us/124149"
},
{
"url": "https://support.apple.com/en-us/124153"
},
{
"url": "https://support.apple.com/en-us/124154"
},
{
"url": "https://support.apple.com/en-us/124155"
},
{
"url": "https://support.apple.com/en-us/124150"
},
{
"url": "https://support.apple.com/en-us/124147"
},
{
"url": "https://support.apple.com/en-us/124151"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43223",
"datePublished": "2025-07-29T23:28:53.779Z",
"dateReserved": "2025-04-16T15:24:37.090Z",
"dateUpdated": "2025-11-03T20:01:24.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43200 (GCVE-0-2025-43200)
Vulnerability from cvelistv5 – Published: 2025-06-16 21:36 – Updated: 2025-10-29 13:02
VLAI?
Summary
This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Severity ?
4.2 (Medium)
CWE
- A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS and iPadOS |
Affected:
unspecified , < 16.7
(custom)
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"dateAdded": "2025-06-16",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43200"
},
"type": "kev"
}
},
{
"other": {
"content": {
"id": "CVE-2025-43200",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-30T13:32:03.409332Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T13:02:01.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"url": "https://citizenlab.ca/2025/06/first-forensic-confirmation-of-paragons-ios-mercenary-spyware-finds-journalists-targeted/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43200"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "16.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T21:36:25.578Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/122346"
},
{
"url": "https://support.apple.com/en-us/122901"
},
{
"url": "https://support.apple.com/en-us/122900"
},
{
"url": "https://support.apple.com/en-us/122173"
},
{
"url": "https://support.apple.com/en-us/122903"
},
{
"url": "https://support.apple.com/en-us/122345"
},
{
"url": "https://support.apple.com/en-us/122902"
},
{
"url": "https://support.apple.com/en-us/122174"
},
{
"url": "https://support.apple.com/en-us/122904"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-43200",
"datePublished": "2025-06-16T21:36:25.578Z",
"dateReserved": "2025-04-16T15:24:37.088Z",
"dateUpdated": "2025-10-29T13:02:01.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24184 (GCVE-0-2025-24184)
Vulnerability from cvelistv5 – Published: 2025-05-19 16:00 – Updated: 2025-05-19 16:52
VLAI?
Summary
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to cause unexpected system termination.
Severity ?
5.5 (Medium)
CWE
- An app may be able to cause unexpected system termination
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24184",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-19T16:52:25.808398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-19T16:52:43.046Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to cause unexpected system termination."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to cause unexpected system termination",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-19T16:00:19.064Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/122073"
},
{
"url": "https://support.apple.com/en-us/122072"
},
{
"url": "https://support.apple.com/en-us/122068"
},
{
"url": "https://support.apple.com/en-us/122067"
},
{
"url": "https://support.apple.com/en-us/122071"
},
{
"url": "https://support.apple.com/en-us/122066"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-24184",
"datePublished": "2025-05-19T16:00:19.064Z",
"dateReserved": "2025-01-17T00:00:44.994Z",
"dateUpdated": "2025-05-19T16:52:43.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-31220 (GCVE-0-2025-31220)
Vulnerability from cvelistv5 – Published: 2025-05-12 21:43 – Updated: 2025-11-03 19:49
VLAI?
Summary
A privacy issue was addressed by removing sensitive data. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A malicious app may be able to read sensitive location information.
Severity ?
5.5 (Medium)
CWE
- A malicious app may be able to read sensitive location information
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-31220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-13T15:27:35.984368Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-13T15:27:40.079Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:49:54.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/May/9"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/8"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/7"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed by removing sensitive data. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A malicious app may be able to read sensitive location information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A malicious app may be able to read sensitive location information",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-12T21:43:05.277Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/122716"
},
{
"url": "https://support.apple.com/en-us/122405"
},
{
"url": "https://support.apple.com/en-us/122717"
},
{
"url": "https://support.apple.com/en-us/122718"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-31220",
"datePublished": "2025-05-12T21:43:05.277Z",
"dateReserved": "2025-03-27T16:13:58.319Z",
"dateUpdated": "2025-11-03T19:49:54.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-31241 (GCVE-0-2025-31241)
Vulnerability from cvelistv5 – Published: 2025-05-12 21:43 – Updated: 2025-11-03 19:51
VLAI?
Summary
A double free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may cause an unexpected app termination.
Severity ?
5.3 (Medium)
CWE
- A remote attacker may cause an unexpected app termination
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | tvOS |
Affected:
unspecified , < 18.5
(custom)
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-31241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-14T21:01:30.465180Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "CWE-415 Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T21:01:38.884Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:51:41.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/May/12"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/11"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/9"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/8"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/7"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/6"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A double free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may cause an unexpected app termination."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may cause an unexpected app termination",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-12T21:43:01.167Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/122720"
},
{
"url": "https://support.apple.com/en-us/122716"
},
{
"url": "https://support.apple.com/en-us/122405"
},
{
"url": "https://support.apple.com/en-us/122404"
},
{
"url": "https://support.apple.com/en-us/122717"
},
{
"url": "https://support.apple.com/en-us/122721"
},
{
"url": "https://support.apple.com/en-us/122722"
},
{
"url": "https://support.apple.com/en-us/122718"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-31241",
"datePublished": "2025-05-12T21:43:01.167Z",
"dateReserved": "2025-03-27T16:13:58.325Z",
"dateUpdated": "2025-11-03T19:51:41.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24111 (GCVE-0-2025-24111)
Vulnerability from cvelistv5 – Published: 2025-05-12 21:42 – Updated: 2025-11-03 19:43
VLAI?
Summary
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.3, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Sonoma 14.7.5, iOS 18.3 and iPadOS 18.3, tvOS 18.3, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
Severity ?
5.5 (Medium)
CWE
- An app may be able to cause unexpected system termination
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | visionOS |
Affected:
unspecified , < 2.3
(custom)
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24111",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-13T20:15:40.276746Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T15:08:23.274Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:43:12.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/May/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "17.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.3, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Sonoma 14.7.5, iOS 18.3 and iPadOS 18.3, tvOS 18.3, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An app may be able to cause unexpected system termination",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-12T21:42:58.814Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/122073"
},
{
"url": "https://support.apple.com/en-us/122072"
},
{
"url": "https://support.apple.com/en-us/122068"
},
{
"url": "https://support.apple.com/en-us/122405"
},
{
"url": "https://support.apple.com/en-us/122374"
},
{
"url": "https://support.apple.com/en-us/122071"
},
{
"url": "https://support.apple.com/en-us/122066"
},
{
"url": "https://support.apple.com/en-us/122375"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-24111",
"datePublished": "2025-05-12T21:42:58.814Z",
"dateReserved": "2025-01-17T00:00:44.969Z",
"dateUpdated": "2025-11-03T19:43:12.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}