macOS Ventura

CVEs (19)

CVE	Vendor / Product	Sev	Risk	CVSS	KEV	Published	Description
CVE-2025-43243	Apple Inc. macOS	Cri	0.64	9.8		Jul 30, 2025	A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system.
CVE-2025-43187	Apple Inc. macOS	Hig	0.51	7.8		Aug 29, 2025	This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Running an hdiutil command may unexpectedly execute arbitrary code.
CVE-2025-31243	Apple Inc. macOS	Hig	0.51	7.8		Jul 30, 2025	A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.
CVE-2025-24119	Apple Inc. macOS	Hig	0.51	7.8		Jul 30, 2025	This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
CVE-2025-31235	Apple Inc. macOS	Med	0.42	6.5		May 12, 2025	A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to cause unexpected system termination.
CVE-2025-43284	Apple Inc. macOS	Med	0.36	5.5		Aug 29, 2025	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.
CVE-2025-43241	Apple Inc. macOS	Med	0.36	5.5		Jul 30, 2025	A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to read files outside of its sandbox.
CVE-2025-43225	Apple Inc. macOS	Med	0.36	5.5		Jul 30, 2025	A logging issue was addressed with improved data redaction. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data.
CVE-2025-31261	Apple Inc. macOS	Med	0.36	5.5		May 29, 2025	A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data.
CVE-2025-24155	Apple Inc. macOS	Med	0.36	5.5		May 12, 2025	The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to disclose kernel memory.
CVE-2025-24142	Apple Inc. macOS	Med	0.36	5.5		May 12, 2025	A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to access sensitive user data.
CVE-2025-31264	Apple Inc. macOS	Med	0.30	4.6		May 29, 2025	An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.
CVE-2025-43236	Apple Inc. macOS	Low	0.21	3.3		Apr 2, 2026	A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination.
CVE-2023-43000	Cisco Systems, Inc. Cisco iOS		0.12	—	KEV	Nov 5, 2025	A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.
CVE-2025-43191	Apple Inc. macOS		0.00	—		Jul 29, 2025	A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause a denial-of-service.
CVE-2025-43266	Apple Inc. macOS		0.00	—		Jul 29, 2025	A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.
CVE-2025-43245	Apple Inc. macOS		0.00	—		Jul 29, 2025	A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.
CVE-2025-43249	Apple Inc. macOS		0.00	—		Jul 29, 2025	A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.
CVE-2025-43220	Apple Inc. macOS		0.00	—		Jul 29, 2025	This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.

CVE-2025-43243CriJul 30, 2025
Apple Inc.
macOS
risk 0.64cvss 9.8epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system.
CVE-2025-43187HigAug 29, 2025
Apple Inc.
macOS
risk 0.51cvss 7.8epss 0.00
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Running an hdiutil command may unexpectedly execute arbitrary code.
CVE-2025-31243HigJul 30, 2025
Apple Inc.
macOS
risk 0.51cvss 7.8epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.
CVE-2025-24119HigJul 30, 2025
Apple Inc.
macOS
risk 0.51cvss 7.8epss 0.00
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
CVE-2025-31235MedMay 12, 2025
Apple Inc.
macOS
risk 0.42cvss 6.5epss 0.00
A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to cause unexpected system termination.
CVE-2025-43284MedAug 29, 2025
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.
CVE-2025-43241MedJul 30, 2025
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to read files outside of its sandbox.
CVE-2025-43225MedJul 30, 2025
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
A logging issue was addressed with improved data redaction. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data.
CVE-2025-31261MedMay 29, 2025
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data.
CVE-2025-24155MedMay 12, 2025
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to disclose kernel memory.
CVE-2025-24142MedMay 12, 2025
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to access sensitive user data.
CVE-2025-31264MedMay 29, 2025
Apple Inc.
macOS
risk 0.30cvss 4.6epss 0.00
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.
CVE-2025-43236LowApr 2, 2026
Apple Inc.
macOS
risk 0.21cvss 3.3epss 0.00
A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination.
CVE-2023-43000KEVNov 5, 2025
Cisco Systems, Inc.
Cisco iOS
risk 0.12cvss —epss 0.00
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.
CVE-2025-43191Jul 29, 2025
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause a denial-of-service.
CVE-2025-43266Jul 29, 2025
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.
CVE-2025-43245Jul 29, 2025
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.
CVE-2025-43249Jul 29, 2025
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.
CVE-2025-43220Jul 29, 2025
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.