VYPR

macOS Sonoma

by Apple Inc.

CVEs (436)

  • CVE-2024-27813HigMay 14, 2024
    risk 0.56cvss 8.6epss 0.00

    The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

  • CVE-2024-23246HigMar 8, 2024
    risk 0.56cvss 8.6epss 0.01

    This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to break out of its sandbox.

  • CVE-2024-0258HigMar 8, 2024
    risk 0.56cvss 8.6epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

  • CVE-2023-42916MedKEVNov 30, 2023
    risk 0.56cvss 6.5epss 0.18

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been…

  • CVE-2025-24255HigMar 31, 2025
    risk 0.55cvss 8.4epss 0.00

    A file access issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to break out of its sandbox.

  • CVE-2024-27815HigJun 10, 2024
    risk 0.53cvss 7.8epss 0.02

    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges.

  • CVE-2025-43306HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to gain root privileges.

  • CVE-2026-20615HigFeb 11, 2026
    risk 0.51cvss 7.8epss 0.00

    A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. An app may be able to gain root privileges.

  • CVE-2025-43402HigDec 12, 2025
    risk 0.51cvss 7.8epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.1. An app may be able to cause unexpected system termination or corrupt process memory.

  • CVE-2025-43476HigNov 4, 2025
    risk 0.51cvss 7.8epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to break out of its sandbox.

  • CVE-2025-43474HigNov 4, 2025
    risk 0.51cvss 7.8epss 0.00

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to cause unexpected system termination or read kernel memory.

  • CVE-2025-43361HigNov 4, 2025
    risk 0.51cvss 7.8epss 0.00

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A malicious app may be able to read kernel memory.

  • CVE-2025-43372HigSep 15, 2025
    risk 0.51cvss 7.8epss 0.00

    The issue was addressed with improved input validation. This issue is fixed in iOS 26 and iPadOS 26, macOS Sonoma 14.8.2, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process…

  • CVE-2025-43341HigSep 15, 2025
    risk 0.51cvss 7.8epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to gain root privileges.

  • CVE-2025-43298HigSep 15, 2025
    risk 0.51cvss 7.8epss 0.00

    A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to gain root privileges.

  • CVE-2025-43286HigSep 15, 2025
    risk 0.51cvss 7.8epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to break out of its sandbox.

  • CVE-2025-43187HigAug 29, 2025
    risk 0.51cvss 7.8epss 0.00

    This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Running an hdiutil command may unexpectedly execute arbitrary code.

  • CVE-2025-31243HigJul 30, 2025
    risk 0.51cvss 7.8epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.

  • CVE-2025-24119HigJul 30, 2025
    risk 0.51cvss 7.8epss 0.00

    This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

  • CVE-2025-31188HigMar 31, 2025
    risk 0.51cvss 7.8epss 0.00

    A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to bypass Privacy preferences.

Page 3 of 22