Total
4157 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-24241 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 9.8 CRITICAL |
| A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to trick a user into copying sensitive data to the pasteboard. | |||||
| CVE-2025-24236 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access sensitive user data. | |||||
| CVE-2025-24229 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 7.4 HIGH |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A sandboxed app may be able to access sensitive user data. | |||||
| CVE-2025-24218 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.4. An app may be able to access information about a user's contacts. | |||||
| CVE-2025-24215 | 1 Apple | 2 Ipados, Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information. | |||||
| CVE-2025-24214 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| A privacy issue was addressed by not logging contents of text fields. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to access sensitive user data. | |||||
| CVE-2025-24205 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access user-sensitive data. | |||||
| CVE-2025-24202 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data. | |||||
| CVE-2025-24198 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-06-17 | N/A | 6.6 MEDIUM |
| This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker with physical access may be able to use Siri to access sensitive user data. | |||||
| CVE-2025-24197 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data. | |||||
| CVE-2025-24193 | 1 Apple | 2 Ipados, Iphone Os | 2026-06-17 | N/A | 2.4 LOW |
| This issue was addressed with improved authentication. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker with a USB-C connection to an unlocked device may be able to programmatically access photos. | |||||
| CVE-2025-24173 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox. | |||||
| CVE-2025-24090 | 1 Apple | 2 Ipados, Iphone Os | 2026-06-17 | N/A | 3.3 LOW |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app may be able to enumerate a user's installed apps. | |||||
| CVE-2025-24088 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 7.5 HIGH |
| The issue was addressed by adding additional logic. This issue is fixed in macOS Tahoe 26. An app may be able to override MDM-enforced settings from profiles. | |||||
| CVE-2025-24076 | 1 Microsoft | 5 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 2 more | 2026-06-17 | N/A | 7.3 HIGH |
| Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-24042 | 1 Microsoft | 1 Visual Studio Code | 2026-06-17 | N/A | 7.3 HIGH |
| Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability | |||||
| CVE-2025-23389 | 2026-06-17 | N/A | 8.4 HIGH | ||
| A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3. | |||||
| CVE-2025-23367 | 1 Redhat | 2 Jboss Enterprise Application Platform, Wildfly | 2026-06-17 | N/A | 6.5 MEDIUM |
| A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server. The vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action. | |||||
| CVE-2025-23365 | 1 Siemens | 1 Tia Administrator | 2026-06-17 | N/A | 7.8 HIGH |
| A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application allows low-privileged users to trigger installations by overwriting cache files and modifying the downloads path. This would allow an attacker to escalate privilege and exceute arbitrary code. | |||||
| CVE-2025-23329 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Triton Inference Server | 2026-06-17 | N/A | 7.5 HIGH |
| NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause memory corruption by identifying and accessing the shared memory region used by the Python backend. A successful exploit of this vulnerability might lead to denial of service. | |||||