macOS Sequoia
by Apple Inc.
CVEs (390)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-43268 | 0.00 | — | 0.00 | Aug 29, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges. | |||
| CVE-2025-43191 | 0.00 | — | 0.00 | Jul 29, 2025 | A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause a denial-of-service. | |||
| CVE-2025-43237 | 0.00 | — | 0.01 | Jul 29, 2025 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause unexpected system termination. | |||
| CVE-2025-24188 | 0.00 | — | 0.01 | Jul 29, 2025 | A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. Processing maliciously crafted web content may lead to an unexpected Safari crash. | |||
| CVE-2025-43266 | 0.00 | — | 0.00 | Jul 29, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox. | |||
| CVE-2025-43245 | 0.00 | — | 0.01 | Jul 29, 2025 | A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data. | |||
| CVE-2025-43253 | 0.00 | — | 0.01 | Jul 29, 2025 | This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to launch arbitrary binaries on a trusted device. | |||
| CVE-2025-43249 | 0.00 | — | 0.00 | Jul 29, 2025 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges. | |||
| CVE-2025-31280 | 0.00 | — | 0.00 | Jul 29, 2025 | A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted file may lead to heap corruption. | |||
| CVE-2025-43215 | 0.00 | — | 0.00 | Jul 29, 2025 | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may result in disclosure of process memory. | |||
| CVE-2025-43188 | 0.00 | — | 0.00 | Jul 29, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges. | |||
| CVE-2025-43220 | 0.00 | — | 0.01 | Jul 29, 2025 | This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data. | |||
| CVE-2025-43251 | 0.00 | — | 0.00 | Jul 29, 2025 | An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.6. A local attacker may gain access to Keychain items. | |||
| CVE-2025-43248 | 0.00 | — | 0.00 | Jul 29, 2025 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to gain root privileges. | |||
| CVE-2025-43235 | 0.00 | — | 0.00 | Jul 29, 2025 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause a denial-of-service. | |||
| CVE-2025-31236 | 0.00 | — | 0.00 | May 12, 2025 | An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | |||
| CVE-2025-31256 | 0.00 | — | 0.00 | May 12, 2025 | The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user’s deleted notes. | |||
| CVE-2025-31260 | 0.00 | — | 0.00 | May 12, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | |||
| CVE-2025-31250 | 0.00 | — | 0.00 | May 12, 2025 | An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | |||
| CVE-2025-31195 | 0.00 | — | 0.00 | May 12, 2025 | The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandbox. |
- CVE-2025-43268Aug 29, 2025risk 0.00cvss —epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges.
- CVE-2025-43191Jul 29, 2025risk 0.00cvss —epss 0.00
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause a denial-of-service.
- CVE-2025-43237Jul 29, 2025risk 0.00cvss —epss 0.01
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause unexpected system termination.
- CVE-2025-24188Jul 29, 2025risk 0.00cvss —epss 0.01
A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.
- CVE-2025-43266Jul 29, 2025risk 0.00cvss —epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.
- CVE-2025-43245Jul 29, 2025risk 0.00cvss —epss 0.01
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.
- CVE-2025-43253Jul 29, 2025risk 0.00cvss —epss 0.01
This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to launch arbitrary binaries on a trusted device.
- CVE-2025-43249Jul 29, 2025risk 0.00cvss —epss 0.00
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.
- CVE-2025-31280Jul 29, 2025risk 0.00cvss —epss 0.00
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted file may lead to heap corruption.
- CVE-2025-43215Jul 29, 2025risk 0.00cvss —epss 0.00
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may result in disclosure of process memory.
- CVE-2025-43188Jul 29, 2025risk 0.00cvss —epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges.
- CVE-2025-43220Jul 29, 2025risk 0.00cvss —epss 0.01
This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.
- CVE-2025-43251Jul 29, 2025risk 0.00cvss —epss 0.00
An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.6. A local attacker may gain access to Keychain items.
- CVE-2025-43248Jul 29, 2025risk 0.00cvss —epss 0.00
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to gain root privileges.
- CVE-2025-43235Jul 29, 2025risk 0.00cvss —epss 0.00
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause a denial-of-service.
- CVE-2025-31236May 12, 2025risk 0.00cvss —epss 0.00
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
- CVE-2025-31256May 12, 2025risk 0.00cvss —epss 0.00
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user’s deleted notes.
- CVE-2025-31260May 12, 2025risk 0.00cvss —epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
- CVE-2025-31250May 12, 2025risk 0.00cvss —epss 0.00
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
- CVE-2025-31195May 12, 2025risk 0.00cvss —epss 0.00
The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandbox.
Page 17 of 20