Vulnerabilities (CVE)

Filtered by CWE-119
Total 13622 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-43539 1 Apple 1 Macos 2026-06-17 N/A 8.8 HIGH
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing a file may lead to memory corruption.
CVE-2025-43504 1 Apple 1 Xcode 2026-06-17 N/A 4.9 MEDIUM
A buffer overflow was addressed with improved bounds checking. This issue is fixed in Xcode 26.1. A user in a privileged network position may be able to cause a denial-of-service.
CVE-2025-43447 1 Apple 4 Ipados, Iphone Os, Visionos and 1 more 2026-06-17 N/A 5.5 MEDIUM
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2025-43435 1 Apple 6 Ipados, Iphone Os, Safari and 3 more 2026-06-17 N/A 4.3 MEDIUM
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43431 1 Apple 6 Ipados, Iphone Os, Safari and 3 more 2026-06-17 N/A 8.8 HIGH
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to memory corruption.
CVE-2025-43429 1 Apple 6 Ipados, Iphone Os, Safari and 3 more 2026-06-17 N/A 4.3 MEDIUM
A buffer overflow was addressed with improved bounds checking. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43425 1 Apple 6 Ipados, Iphone Os, Safari and 3 more 2026-06-17 N/A 4.3 MEDIUM
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43424 1 Apple 2 Ipados, Iphone Os 2026-06-17 N/A 6.5 MEDIUM
The issue was addressed with improved bounds checks. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1. A malicious HID device may cause an unexpected process crash.
CVE-2025-43419 1 Apple 6 Ipados, Iphone Os, Safari and 3 more 2026-06-17 N/A 8.8 HIGH
The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to memory corruption.
CVE-2025-43398 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2026-06-17 N/A 5.5 MEDIUM
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to cause unexpected system termination.
CVE-2025-43373 1 Apple 1 Macos 2026-06-17 N/A 7.5 HIGH
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2025-43343 3 Apple, Webkitgtk, Wpewebkit 9 Ipados, Iphone Os, Macos and 6 more 2026-06-17 N/A 9.8 CRITICAL
The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43287 1 Apple 1 Macos 2026-06-17 N/A 7.1 HIGH
The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26. Processing a maliciously crafted image may corrupt process memory.
CVE-2025-43277 1 Apple 1 Macos 2026-06-17 N/A 7.8 HIGH
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.8, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted audio file may lead to memory corruption.
CVE-2025-43272 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2026-06-17 N/A 6.5 MEDIUM
The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2025-43264 1 Apple 1 Macos 2026-06-17 N/A 8.8 HIGH
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may corrupt process memory.
CVE-2025-43212 1 Apple 7 Ipados, Iphone Os, Macos and 4 more 2026-06-17 N/A 6.5 MEDIUM
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2025-43186 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2026-06-17 N/A 9.8 CRITICAL
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Parsing a file may lead to an unexpected app termination.
CVE-2025-3993 1 Totolink 2 N150rt, N150rt Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525 and classified as critical. This issue affects some unknown processing of the file /boafrm/formWsc. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-3992 1 Totolink 2 N150rt, N150rt Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability has been found in TOTOLINK N150RT 3.4.0-B20190525 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlwds. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.