Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
4977 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-43393 | 1 Apple | 2 Macos, Macos Tahoe | 2025-12-15 | 5.2 Medium |
| A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to break out of its sandbox. | ||||
| CVE-2025-43404 | 1 Apple | 2 Macos, Macos Tahoe | 2025-12-15 | 3.3 Low |
| A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data. | ||||
| CVE-2025-43351 | 1 Apple | 2 Macos, Macos Tahoe | 2025-12-15 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data. | ||||
| CVE-2025-43516 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-15 | 3.3 Low |
| A session management issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. A user with Voice Control enabled may be able to transcribe another user's activity. | ||||
| CVE-2025-43522 | 1 Apple | 2 Macos, Macos Sequoia | 2025-12-15 | N/A |
| A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3. An app may be able to access user-sensitive data. | ||||
| CVE-2025-43518 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-15 | 3.3 Low |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to inappropriately access files through the spellcheck API. | ||||
| CVE-2025-43521 | 1 Apple | 1 Macos | 2025-12-15 | 5.5 Medium |
| A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3. An app may be able to access sensitive user data. | ||||
| CVE-2025-14174 | 4 Apple, Google, Linux and 1 more | 11 Ipados, Iphone Os, Macos and 8 more | 2025-12-15 | 8.8 High |
| Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-43494 | 1 Apple | 8 Ios, Ipad Os, Macos and 5 more | 2025-12-15 | 7.5 High |
| A mail header parsing issue was addressed with improved checks. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. An attacker may be able to cause a persistent denial-of-service. | ||||
| CVE-2025-43466 | 1 Apple | 2 Macos, Macos Tahoe | 2025-12-15 | 5.5 Medium |
| An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data. | ||||
| CVE-2025-46285 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-15 | 7.8 High |
| An integer overflow was addressed by adopting 64-bit timestamps. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to gain root privileges. | ||||
| CVE-2025-43461 | 1 Apple | 2 Macos, Macos Tahoe | 2025-12-15 | 5.5 Medium |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data. | ||||
| CVE-2025-43381 | 1 Apple | 2 Macos, Macos Tahoe | 2025-12-15 | 5.5 Medium |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to delete protected user data. | ||||
| CVE-2025-14714 | 2 Apple, The Document Foundation | 2 Macos, Libreoffice | 2025-12-15 | N/A |
| An Authentication Bypass vulnerability existed where the application bundled an interpreter (Python) that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with the application's TCC privileges In fixed versions parent-constraints are used to allow only the main application to launch interpreter with those permissions This issue affects LibreOffice on macOS: from 25.2 before < 25.2.4. | ||||
| CVE-2025-43532 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-15 | 2.8 Low |
| A memory corruption issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. Processing malicious data may lead to unexpected app termination. | ||||
| CVE-2025-43482 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-15 | 5.5 Medium |
| The issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to cause a denial-of-service. | ||||
| CVE-2025-43388 | 1 Apple | 2 Macos, Macos Tahoe | 2025-12-14 | N/A |
| An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data. | ||||
| CVE-2025-43510 | 1 Apple | 10 Ios, Ipad Os, Ipados and 7 more | 2025-12-14 | N/A |
| A memory corruption issue was addressed with improved lock state checking. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may cause unexpected changes in memory shared between processes. | ||||
| CVE-2025-43513 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-14 | N/A |
| A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to read sensitive location information. | ||||
| CVE-2025-43523 | 1 Apple | 1 Macos | 2025-12-14 | N/A |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3. An app may be able to access sensitive user data. | ||||