Filtered by vendor Apple
Subscribe
Total
14413 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-31253 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-03 | N/A | 7.1 HIGH |
| This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. Muting the microphone during a FaceTime call may not result in audio being silenced. | |||||
| CVE-2025-31250 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 5.5 MEDIUM |
| An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | |||||
| CVE-2025-31249 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 7.1 HIGH |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | |||||
| CVE-2025-31246 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 8.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6. Connecting to a malicious AFP server may corrupt kernel memory. | |||||
| CVE-2025-31244 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 8.8 HIGH |
| A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox. | |||||
| CVE-2025-31236 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 5.5 MEDIUM |
| An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | |||||
| CVE-2025-31229 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-03 | N/A | 9.1 CRITICAL |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 18.6 and iPadOS 18.6. Passcode may be read aloud by VoiceOver. | |||||
| CVE-2025-31227 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-03 | N/A | 4.6 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker with physical access to a device may be able to access a deleted call recording. | |||||
| CVE-2025-31225 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-03 | N/A | 7.1 HIGH |
| A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.5 and iPadOS 18.5. Call history from deleted apps may still appear in spotlight search results. | |||||
| CVE-2025-31218 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 6.2 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to observe the hostnames of new network connections. | |||||
| CVE-2025-31214 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-03 | N/A | 8.1 HIGH |
| This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker in a privileged network position may be able to intercept network traffic. | |||||
| CVE-2025-31207 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-03 | N/A | 7.7 HIGH |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An app may be able to enumerate a user's installed apps. | |||||
| CVE-2025-24222 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 6.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5. Processing maliciously crafted web content may lead to an unexpected process crash. | |||||
| CVE-2025-24188 | 1 Apple | 2 Macos, Safari | 2025-11-03 | N/A | 6.5 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. Processing maliciously crafted web content may lead to an unexpected Safari crash. | |||||
| CVE-2025-54257 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-11-03 | N/A | 7.8 HIGH |
| Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file, and scope is unchanged. | |||||
| CVE-2025-43375 | 1 Apple | 1 Xcode | 2025-11-03 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process. | |||||
| CVE-2025-43371 | 1 Apple | 1 Xcode | 2025-11-03 | N/A | 8.2 HIGH |
| This issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its sandbox. | |||||
| CVE-2025-43370 | 1 Apple | 1 Xcode | 2025-11-03 | N/A | 4.0 MEDIUM |
| A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process. | |||||
| CVE-2025-43369 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data. | |||||
| CVE-2025-43366 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to disclose coprocessor memory. | |||||