VYPR

macOS

by Apple Inc.

CVEs (3,325)

  • CVE-2025-43414MedNov 4, 2025
    risk 0.40cvss 6.2epss 0.00

    A permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app.

  • CVE-2025-43240MedJul 30, 2025
    risk 0.40cvss 6.2epss 0.01

    A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. A download's origin may be incorrectly associated.

  • CVE-2025-43229MedJul 30, 2025
    risk 0.40cvss 6.1epss 0.00

    This issue was addressed through improved state management. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. Processing maliciously crafted web content may lead to universal cross site scripting.

  • CVE-2025-43211MedJul 30, 2025
    risk 0.40cvss 6.2epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing web content may lead to a denial-of-service.

  • CVE-2025-43191MedJul 30, 2025
    risk 0.40cvss 6.2epss 0.00

    A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause a denial-of-service.

  • CVE-2025-31275MedJul 30, 2025
    risk 0.40cvss 6.2epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to launch any installed app.

  • CVE-2025-31218MedMay 12, 2025
    risk 0.40cvss 6.2epss 0.00

    This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to observe the hostnames of new network connections.

  • CVE-2024-54565MedMar 17, 2025
    risk 0.40cvss 6.2epss 0.00

    The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to access sensitive user data.

  • CVE-2024-44145MedOct 28, 2024
    risk 0.40cvss 6.1epss 0.00

    This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen.

  • CVE-2024-40857MedSep 17, 2024
    risk 0.40cvss 6.1epss 0.01

    This issue was addressed through improved state management. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. Processing maliciously crafted web content may lead to universal cross site scripting.

  • CVE-2024-40826MedSep 17, 2024
    risk 0.40cvss 6.1epss 0.00

    A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using print preview.

  • CVE-2024-40797MedSep 17, 2024
    risk 0.40cvss 6.1epss 0.00

    This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. Visiting a malicious website may lead to user interface spoofing.

  • CVE-2024-40817MedJul 29, 2024
    risk 0.40cvss 6.1epss 0.01

    The issue was addressed with improved UI handling. This issue is fixed in Safari 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Visiting a website that frames malicious content may lead to UI spoofing.

  • CVE-2024-40785MedJul 29, 2024
    risk 0.40cvss 6.1epss 0.01

    This issue was addressed with improved checks. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to a cross site scripting…

  • CVE-2024-27877MedJul 29, 2024
    risk 0.40cvss 6.1epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.

  • CVE-2024-23223MedJan 23, 2024
    risk 0.40cvss 6.2epss 0.00

    A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to access sensitive user data.

  • CVE-2023-32445MedJul 28, 2023
    risk 0.40cvss 6.1epss 0.00

    This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack.

  • CVE-2022-42799MedNov 1, 2022
    risk 0.40cvss 6.1epss 0.01

    The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.

  • CVE-2022-22589MedMar 18, 2022
    risk 0.40cvss 6.1epss 0.02

    A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.

  • CVE-2021-30689MedSep 8, 2021
    risk 0.40cvss 6.1epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.

Page 94 of 167