macOS Ventura
by Apple Inc.
CVEs (438)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-43243 | Cri | 0.64 | 9.8 | 0.01 | Jul 30, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system. | ||
| CVE-2025-30462 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Apps that appear to use App Sandbox may be able to launch without restrictions. | ||
| CVE-2025-30457 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to create symlinks to protected regions of the disk. | ||
| CVE-2025-24266 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination. | ||
| CVE-2025-24265 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination. | ||
| CVE-2025-24260 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker in a privileged position may be able to perform a denial-of-service. | ||
| CVE-2025-24256 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to disclose kernel memory. | ||
| CVE-2025-24250 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app acting as a HTTPS proxy could get access to sensitive user data. | ||
| CVE-2025-24249 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to check the existence of an arbitrary path on the file system. | ||
| CVE-2025-24247 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker may be able to cause unexpected app termination. | ||
| CVE-2025-24246 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access user-sensitive data. | ||
| CVE-2025-24241 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to trick a user into copying sensitive data to the pasteboard. | ||
| CVE-2025-24233 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to read or write to protected files. | ||
| CVE-2025-24232 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access arbitrary files. | ||
| CVE-2025-24231 | Cri | 0.64 | 9.8 | 0.01 | Mar 31, 2025 | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to modify protected parts of the file system. | ||
| CVE-2025-24093 | Cri | 0.64 | 9.8 | 0.01 | Jan 27, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access removable volumes without user consent. | ||
| CVE-2024-23225 | Hig | 0.63 | 7.8 | 0.01 | KEV | Mar 5, 2024 | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary… | |
| CVE-2025-24254 | Hig | 0.57 | 8.8 | 0.01 | Mar 31, 2025 | This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A user may be able to elevate privileges. | ||
| CVE-2024-54514 | Hig | 0.56 | 8.6 | 0.00 | Dec 12, 2024 | The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to break out of its sandbox. | ||
| CVE-2024-44256 | Hig | 0.56 | 8.6 | 0.00 | Oct 28, 2024 | The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to break out of its sandbox. |
- risk 0.64cvss 9.8epss 0.01
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system.
- risk 0.64cvss 9.8epss 0.01
A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Apps that appear to use App Sandbox may be able to launch without restrictions.
- risk 0.64cvss 9.8epss 0.01
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to create symlinks to protected regions of the disk.
- risk 0.64cvss 9.8epss 0.01
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
- risk 0.64cvss 9.8epss 0.01
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
- risk 0.64cvss 9.8epss 0.01
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker in a privileged position may be able to perform a denial-of-service.
- risk 0.64cvss 9.8epss 0.01
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to disclose kernel memory.
- risk 0.64cvss 9.8epss 0.01
This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app acting as a HTTPS proxy could get access to sensitive user data.
- risk 0.64cvss 9.8epss 0.01
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to check the existence of an arbitrary path on the file system.
- risk 0.64cvss 9.8epss 0.01
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker may be able to cause unexpected app termination.
- risk 0.64cvss 9.8epss 0.01
An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access user-sensitive data.
- risk 0.64cvss 9.8epss 0.01
A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to trick a user into copying sensitive data to the pasteboard.
- risk 0.64cvss 9.8epss 0.01
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to read or write to protected files.
- risk 0.64cvss 9.8epss 0.01
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access arbitrary files.
- risk 0.64cvss 9.8epss 0.01
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to modify protected parts of the file system.
- risk 0.64cvss 9.8epss 0.01
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access removable volumes without user consent.
- risk 0.63cvss 7.8epss 0.01
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary…
- risk 0.57cvss 8.8epss 0.01
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A user may be able to elevate privileges.
- risk 0.56cvss 8.6epss 0.00
The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to break out of its sandbox.
- risk 0.56cvss 8.6epss 0.00
The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to break out of its sandbox.
Page 1 of 22