Refine your search

145 vulnerabilities found for iPadOS by Apple

CVE-2025-43210 (GCVE-0-2025-43210)
Vulnerability from cvelistv5
Published
2026-04-02 18:21
Modified
2026-04-02 19:42
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CWE
  • Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory
Summary
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 18.6
 Create a notification for this product.
   Apple iPadOS Version: 0   < 17.7.9
 Create a notification for this product.
   Apple macOS Version: 0   < 13.7.7
Version: 0   < 14.7.7
Version: 0   < 15.6
 Create a notification for this product.
   Apple tvOS Version: 0   < 18.6
 Create a notification for this product.
   Apple visionOS Version: 0   < 2.6
 Create a notification for this product.
   Apple watchOS Version: 0   < 11.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 6.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43210",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-02T19:41:50.352708Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          },
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-02T19:42:30.658Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "14.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "2.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:21:26.395Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124147"
        },
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124150"
        },
        {
          "url": "https://support.apple.com/en-us/124151"
        },
        {
          "url": "https://support.apple.com/en-us/124153"
        },
        {
          "url": "https://support.apple.com/en-us/124154"
        },
        {
          "url": "https://support.apple.com/en-us/124155"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43210",
    "datePublished": "2026-04-02T18:21:26.395Z",
    "dateReserved": "2025-04-16T15:24:37.088Z",
    "dateUpdated": "2026-04-02T19:42:30.658Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-31216 (GCVE-0-2025-31216)
Vulnerability from cvelistv5
Published
2025-11-21 21:22
Modified
2026-04-02 18:25
Severity ?
2.4 (Low) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CWE
  • An attacker with physical access to a device may be able to override managed Wi-Fi profiles
Summary
The issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to override managed Wi-Fi profiles.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 18.5
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "PHYSICAL",
              "availabilityImpact": "LOW",
              "baseScore": 2.4,
              "baseSeverity": "LOW",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-31216",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-23T11:27:02.943850Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-284",
                "description": "CWE-284 Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-23T11:27:13.980Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to override managed Wi-Fi profiles."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An attacker with physical access to a device may be able to override managed Wi-Fi profiles",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:25:32.343Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/122404"
        },
        {
          "url": "https://support.apple.com/en-us/122405"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-31216",
    "datePublished": "2025-11-21T21:22:25.231Z",
    "dateReserved": "2025-03-27T16:13:58.317Z",
    "dateUpdated": "2026-04-02T18:25:32.343Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43374 (GCVE-0-2025-43374)
Vulnerability from cvelistv5
Published
2025-11-21 21:22
Modified
2026-04-02 18:18
Severity ?
4.3 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE
  • An attacker in physical proximity may be able to cause an out-of-bounds read in kernel memory
Summary
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.5, visionOS 2.5, watchOS 11.5. An attacker in physical proximity may be able to cause an out-of-bounds read in kernel memory.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 18.5
 Create a notification for this product.
   Apple iPadOS Version: 0   < 17.7.7
 Create a notification for this product.
   Apple macOS Version: 0   < 13.7.3
Version: 0   < 14.7.3
Version: 0   < 15.5
 Create a notification for this product.
   Apple tvOS Version: 0   < 18.5
 Create a notification for this product.
   Apple visionOS Version: 0   < 2.5
 Create a notification for this product.
   Apple watchOS Version: 0   < 11.5
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "PHYSICAL",
              "availabilityImpact": "LOW",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43374",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-23T11:29:10.371858Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-121",
                "description": "CWE-121 Stack-based Buffer Overflow",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-23T11:29:17.964Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.7.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "14.7.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "2.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.5, visionOS 2.5, watchOS 11.5. An attacker in physical proximity may be able to cause an out-of-bounds read in kernel memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An attacker in physical proximity may be able to cause an out-of-bounds read in kernel memory",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:18:58.447Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/122069"
        },
        {
          "url": "https://support.apple.com/en-us/122070"
        },
        {
          "url": "https://support.apple.com/en-us/122404"
        },
        {
          "url": "https://support.apple.com/en-us/122405"
        },
        {
          "url": "https://support.apple.com/en-us/122716"
        },
        {
          "url": "https://support.apple.com/en-us/122720"
        },
        {
          "url": "https://support.apple.com/en-us/122721"
        },
        {
          "url": "https://support.apple.com/en-us/122722"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43374",
    "datePublished": "2025-11-21T21:22:23.229Z",
    "dateReserved": "2025-04-16T15:24:37.115Z",
    "dateUpdated": "2026-04-02T18:18:58.447Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43205 (GCVE-0-2025-43205)
Vulnerability from cvelistv5
Published
2025-11-12 00:20
Modified
2026-04-02 18:12
Severity ?
4.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE
  • An app may be able to bypass ASLR
Summary
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to bypass ASLR.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 18.4
 Create a notification for this product.
   Apple iPadOS Version: 0   < 17.7.6
 Create a notification for this product.
   Apple macOS Version: 0   < 13.7.5
Version: 0   < 14.7.5
Version: 0   < 15.4
 Create a notification for this product.
   Apple tvOS Version: 0   < 18.4
 Create a notification for this product.
   Apple visionOS Version: 0   < 2.4
 Create a notification for this product.
   Apple watchOS Version: 0   < 11.4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43205",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-12T21:23:30.967388Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-13T20:50:10.643Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.7.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "14.7.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "2.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to bypass ASLR."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to bypass ASLR",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:12:47.787Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/122371"
        },
        {
          "url": "https://support.apple.com/en-us/122372"
        },
        {
          "url": "https://support.apple.com/en-us/122373"
        },
        {
          "url": "https://support.apple.com/en-us/122374"
        },
        {
          "url": "https://support.apple.com/en-us/122375"
        },
        {
          "url": "https://support.apple.com/en-us/122376"
        },
        {
          "url": "https://support.apple.com/en-us/122377"
        },
        {
          "url": "https://support.apple.com/en-us/122378"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43205",
    "datePublished": "2025-11-12T00:20:52.053Z",
    "dateReserved": "2025-04-16T15:24:37.088Z",
    "dateUpdated": "2026-04-02T18:12:47.787Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43282 (GCVE-0-2025-43282)
Vulnerability from cvelistv5
Published
2025-10-15 20:00
Modified
2026-04-02 18:26
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE
  • An app may be able to cause unexpected system termination
Summary
A double free issue was addressed with improved memory management. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. An app may be able to cause unexpected system termination.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 18.6
 Create a notification for this product.
   Apple iPadOS Version: 0   < 17.7.9
 Create a notification for this product.
   Apple macOS Version: 0   < 13.7.7
Version: 0   < 14.7.7
Version: 0   < 15.6
 Create a notification for this product.
   Apple tvOS Version: 0   < 18.6
 Create a notification for this product.
   Apple visionOS Version: 0   < 2.6
 Create a notification for this product.
   Apple watchOS Version: 0   < 11.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43282",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-15T20:39:59.623779Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-415",
                "description": "CWE-415 Double Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-15T20:40:40.805Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "14.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "2.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A double free issue was addressed with improved memory management. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. An app may be able to cause unexpected system termination."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to cause unexpected system termination",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:26:05.505Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124147"
        },
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124150"
        },
        {
          "url": "https://support.apple.com/en-us/124151"
        },
        {
          "url": "https://support.apple.com/en-us/124153"
        },
        {
          "url": "https://support.apple.com/en-us/124154"
        },
        {
          "url": "https://support.apple.com/en-us/124155"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43282",
    "datePublished": "2025-10-15T20:00:49.228Z",
    "dateReserved": "2025-04-16T15:24:37.101Z",
    "dateUpdated": "2026-04-02T18:26:05.505Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43300 (GCVE-0-2025-43300)
Vulnerability from cvelistv5
Published
2025-08-21 00:27
Modified
2026-04-02 18:17
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
  • Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Summary
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 15.8.5
Version: 0   < 16.7.12
Version: 0   < 18.6.2
 Create a notification for this product.
   Apple iPadOS Version: 0   < 17.7.10
 Create a notification for this product.
   Apple macOS Version: 0   < 13.7.8
Version: 0   < 14.7.8
Version: 0   < 15.6.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 10,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43300",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-27T04:56:13.369292Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-08-21",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43300"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:48:20.649Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43300"
          },
          {
            "tags": [
              "issue-tracking"
            ],
            "url": "https://github.com/cisagov/vulnrichment/issues/201"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T22:06:35.976Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Sep/52"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Sep/14"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Sep/10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "15.8.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "16.7.12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "18.6.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.10",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.7.8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "14.7.8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.6.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:17:25.587Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124925"
        },
        {
          "url": "https://support.apple.com/en-us/124926"
        },
        {
          "url": "https://support.apple.com/en-us/124927"
        },
        {
          "url": "https://support.apple.com/en-us/124928"
        },
        {
          "url": "https://support.apple.com/en-us/124929"
        },
        {
          "url": "https://support.apple.com/en-us/125141"
        },
        {
          "url": "https://support.apple.com/en-us/125142"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43300",
    "datePublished": "2025-08-21T00:27:21.442Z",
    "dateReserved": "2025-04-16T15:24:37.104Z",
    "dateUpdated": "2026-04-02T18:17:25.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43216 (GCVE-0-2025-43216)
Vulnerability from cvelistv5
Published
2025-07-29 23:36
Modified
2026-04-02 18:25
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE
  • Processing maliciously crafted web content may lead to an unexpected Safari crash
Summary
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.
References
Impacted products
Vendor Product Version
Apple Safari Version: 0   < 18.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43216",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T13:23:42.071609Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T18:06:11.400Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:10:32.005Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Aug/0"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/36"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/35"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/32"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/30"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/08/02/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Safari",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "2.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing maliciously crafted web content may lead to an unexpected Safari crash",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:25:15.512Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124147"
        },
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124152"
        },
        {
          "url": "https://support.apple.com/en-us/124153"
        },
        {
          "url": "https://support.apple.com/en-us/124154"
        },
        {
          "url": "https://support.apple.com/en-us/124155"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43216",
    "datePublished": "2025-07-29T23:36:05.488Z",
    "dateReserved": "2025-04-16T15:24:37.089Z",
    "dateUpdated": "2026-04-02T18:25:15.512Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43217 (GCVE-0-2025-43217)
Vulnerability from cvelistv5
Published
2025-07-29 23:36
Modified
2026-04-02 18:24
Severity ?
4.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE
  • Privacy Indicators for microphone or camera access may not be correctly displayed
Summary
The issue was addressed by adding additional logic. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Privacy Indicators for microphone or camera access may not be correctly displayed.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 18.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43217",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T14:46:04.375783Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-359",
                "description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T14:46:14.101Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:00:56.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/30"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed by adding additional logic. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Privacy Indicators for microphone or camera access may not be correctly displayed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Privacy Indicators for microphone or camera access may not be correctly displayed",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:24:45.177Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124147"
        },
        {
          "url": "https://support.apple.com/en-us/124148"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43217",
    "datePublished": "2025-07-29T23:36:00.631Z",
    "dateReserved": "2025-04-16T15:24:37.089Z",
    "dateUpdated": "2026-04-02T18:24:45.177Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-31276 (GCVE-0-2025-31276)
Vulnerability from cvelistv5
Published
2025-07-29 23:35
Modified
2026-04-02 18:22
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE
  • Remote content may be loaded even when the 'Load Remote Images' setting is turned off
Summary
This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Remote content may be loaded even when the 'Load Remote Images' setting is turned off.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 18.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-31276",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T15:01:40.281222Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-359",
                "description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T15:01:46.687Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:52:45.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Remote content may be loaded even when the \u0027Load Remote Images\u0027 setting is turned off."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote content may be loaded even when the \u0027Load Remote Images\u0027 setting is turned off",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:22:50.340Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124147"
        },
        {
          "url": "https://support.apple.com/en-us/124148"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-31276",
    "datePublished": "2025-07-29T23:35:57.153Z",
    "dateReserved": "2025-03-27T16:13:58.344Z",
    "dateUpdated": "2026-04-02T18:22:50.340Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43230 (GCVE-0-2025-43230)
Vulnerability from cvelistv5
Published
2025-07-29 23:35
Modified
2026-04-02 18:21
Severity ?
4.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE
  • An app may be able to access user-sensitive data
Summary
The issue was addressed with additional permissions checks. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. An app may be able to access user-sensitive data.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 18.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43230",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T17:15:32.019237Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-863",
                "description": "CWE-863 Incorrect Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T17:15:40.404Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:02:05.416Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/37"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/35"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/32"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/30"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "2.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with additional permissions checks. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. An app may be able to access user-sensitive data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to access user-sensitive data",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:21:13.598Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124147"
        },
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124153"
        },
        {
          "url": "https://support.apple.com/en-us/124154"
        },
        {
          "url": "https://support.apple.com/en-us/124155"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43230",
    "datePublished": "2025-07-29T23:35:52.786Z",
    "dateReserved": "2025-04-16T15:24:37.091Z",
    "dateUpdated": "2026-04-02T18:21:13.598Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43226 (GCVE-0-2025-43226)
Vulnerability from cvelistv5
Published
2025-07-29 23:35
Modified
2026-04-02 18:20
Severity ?
4.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE
  • Processing a maliciously crafted image may result in disclosure of process memory
Summary
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted image may result in disclosure of process memory.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 18.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43226",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T13:31:06.332780Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T13:31:38.929Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:01:46.070Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/37"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/36"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/35"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/33"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/32"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/30"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "2.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted image may result in disclosure of process memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing a maliciously crafted image may result in disclosure of process memory",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:20:42.221Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124147"
        },
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124150"
        },
        {
          "url": "https://support.apple.com/en-us/124153"
        },
        {
          "url": "https://support.apple.com/en-us/124154"
        },
        {
          "url": "https://support.apple.com/en-us/124155"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43226",
    "datePublished": "2025-07-29T23:35:51.980Z",
    "dateReserved": "2025-04-16T15:24:37.090Z",
    "dateUpdated": "2026-04-02T18:20:42.221Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-24224 (GCVE-0-2025-24224)
Vulnerability from cvelistv5
Published
2025-07-29 23:35
Modified
2026-04-02 18:19
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE
  • A remote attacker may be able to cause unexpected system termination
Summary
The issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.9, macOS Sequoia 15.5, macOS Ventura 13.7.7, tvOS 18.5, visionOS 2.5, watchOS 11.5. A remote attacker may be able to cause unexpected system termination.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 18.5
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-24224",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T17:56:40.270140Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-754",
                "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T17:56:48.297Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:44:22.079Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/34"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "2.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.9, macOS Sequoia 15.5, macOS Ventura 13.7.7, tvOS 18.5, visionOS 2.5, watchOS 11.5. A remote attacker may be able to cause unexpected system termination."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "A remote attacker may be able to cause unexpected system termination",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:19:37.509Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/122404"
        },
        {
          "url": "https://support.apple.com/en-us/122716"
        },
        {
          "url": "https://support.apple.com/en-us/122720"
        },
        {
          "url": "https://support.apple.com/en-us/122721"
        },
        {
          "url": "https://support.apple.com/en-us/122722"
        },
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124151"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-24224",
    "datePublished": "2025-07-29T23:35:50.861Z",
    "dateReserved": "2025-01-17T00:00:45.004Z",
    "dateUpdated": "2026-04-02T18:19:37.509Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43211 (GCVE-0-2025-43211)
Vulnerability from cvelistv5
Published
2025-07-29 23:35
Modified
2026-04-02 18:18
Severity ?
6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE
  • Processing web content may lead to a denial-of-service
Summary
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing web content may lead to a denial-of-service.
References
Impacted products
Vendor Product Version
Apple Safari Version: 0   < 18.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43211",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T18:06:53.396416Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T18:07:12.663Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:10:28.594Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Aug/0"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/36"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/32"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/08/02/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Safari",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "2.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing web content may lead to a denial-of-service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing web content may lead to a denial-of-service",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:18:41.319Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124147"
        },
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124152"
        },
        {
          "url": "https://support.apple.com/en-us/124153"
        },
        {
          "url": "https://support.apple.com/en-us/124154"
        },
        {
          "url": "https://support.apple.com/en-us/124155"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43211",
    "datePublished": "2025-07-29T23:35:43.117Z",
    "dateReserved": "2025-04-16T15:24:37.088Z",
    "dateUpdated": "2026-04-02T18:18:41.319Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43209 (GCVE-0-2025-43209)
Vulnerability from cvelistv5
Published
2025-07-29 23:35
Modified
2026-04-02 18:14
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • Processing maliciously crafted web content may lead to an unexpected Safari crash
Summary
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.
References
Impacted products
Vendor Product Version
Apple iOS and iPadOS Version: 0   < 18.6
 Create a notification for this product.
   Apple iPadOS Version: 0   < 17.7.9
 Create a notification for this product.
   Apple macOS Version: 0   < 13.7.7
Version: 0   < 14.7.7
Version: 0   < 15.6
 Create a notification for this product.
   Apple tvOS Version: 0   < 18.6
 Create a notification for this product.
   Apple visionOS Version: 0   < 2.6
 Create a notification for this product.
   Apple watchOS Version: 0   < 11.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43209",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T13:25:26.617061Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T18:07:32.762Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:00:19.886Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/37"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/36"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/34"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/33"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/32"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "14.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "2.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing maliciously crafted web content may lead to an unexpected Safari crash",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:14:21.694Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124147"
        },
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124150"
        },
        {
          "url": "https://support.apple.com/en-us/124151"
        },
        {
          "url": "https://support.apple.com/en-us/124153"
        },
        {
          "url": "https://support.apple.com/en-us/124154"
        },
        {
          "url": "https://support.apple.com/en-us/124155"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43209",
    "datePublished": "2025-07-29T23:35:27.601Z",
    "dateReserved": "2025-04-16T15:24:37.088Z",
    "dateUpdated": "2026-04-02T18:14:21.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-31278 (GCVE-0-2025-31278)
Vulnerability from cvelistv5
Published
2025-07-29 23:35
Modified
2026-04-02 18:09
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE
  • Processing maliciously crafted web content may lead to memory corruption
Summary
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.
References
Impacted products
Vendor Product Version
Apple Safari Version: 0   < 18.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-31278",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-31T03:56:02.495080Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-119",
                "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:50:09.662Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:10:04.731Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Aug/0"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/36"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/32"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/08/02/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Safari",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "2.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "11.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing maliciously crafted web content may lead to memory corruption",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:09:24.679Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124147"
        },
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124152"
        },
        {
          "url": "https://support.apple.com/en-us/124153"
        },
        {
          "url": "https://support.apple.com/en-us/124154"
        },
        {
          "url": "https://support.apple.com/en-us/124155"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-31278",
    "datePublished": "2025-07-29T23:35:08.211Z",
    "dateReserved": "2025-03-27T16:13:58.344Z",
    "dateUpdated": "2026-04-02T18:09:24.679Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43220 (GCVE-0-2025-43220)
Vulnerability from cvelistv5
Published
2025-07-29 23:29
Modified
2026-04-02 18:26
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • An app may be able to access protected user data
Summary
This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.
References
Impacted products
Vendor Product Version
Apple iPadOS Version: 0   < 17.7.9
 Create a notification for this product.
   Apple macOS Version: 0   < 13.7.7
Version: 0   < 14.7.7
Version: 0   < 15.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43220",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T13:28:10.388735Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-59",
                "description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-31T17:56:39.669Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:01:03.732Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/34"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/33"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/32"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "14.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to access protected user data",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:26:55.663Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124150"
        },
        {
          "url": "https://support.apple.com/en-us/124151"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43220",
    "datePublished": "2025-07-29T23:29:28.537Z",
    "dateReserved": "2025-04-16T15:24:37.090Z",
    "dateUpdated": "2026-04-02T18:26:55.663Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43225 (GCVE-0-2025-43225)
Vulnerability from cvelistv5
Published
2025-07-29 23:29
Modified
2026-04-02 18:14
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE
  • An app may be able to access sensitive user data
Summary
A logging issue was addressed with improved data redaction. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data.
References
Impacted products
Vendor Product Version
Apple iPadOS Version: 0   < 17.7.9
 Create a notification for this product.
   Apple macOS Version: 0   < 13.7.7
Version: 0   < 14.7.7
Version: 0   < 15.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43225",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T13:29:30.932861Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-532",
                "description": "CWE-532 Insertion of Sensitive Information into Log File",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-31T17:57:43.387Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:01:36.490Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/34"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/33"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/32"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "14.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A logging issue was addressed with improved data redaction. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to access sensitive user data",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:14:36.173Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124150"
        },
        {
          "url": "https://support.apple.com/en-us/124151"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43225",
    "datePublished": "2025-07-29T23:29:16.305Z",
    "dateReserved": "2025-04-16T15:24:37.090Z",
    "dateUpdated": "2026-04-02T18:14:36.173Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43222 (GCVE-0-2025-43222)
Vulnerability from cvelistv5
Published
2025-07-29 23:29
Modified
2026-04-02 18:11
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • An attacker may be able to cause unexpected app termination
Summary
A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination.
References
Impacted products
Vendor Product Version
Apple iPadOS Version: 0   < 17.7.9
 Create a notification for this product.
   Apple macOS Version: 0   < 13.7.7
Version: 0   < 14.7.7
Version: 0   < 15.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-43222",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T13:30:24.156845Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-31T17:58:23.534Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:01:14.756Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/34"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/33"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/32"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "14.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An attacker may be able to cause unexpected app termination",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:11:30.576Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124150"
        },
        {
          "url": "https://support.apple.com/en-us/124151"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-43222",
    "datePublished": "2025-07-29T23:29:08.611Z",
    "dateReserved": "2025-04-16T15:24:37.090Z",
    "dateUpdated": "2026-04-02T18:11:30.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-31279 (GCVE-0-2025-31279)
Vulnerability from cvelistv5
Published
2025-07-29 23:29
Modified
2026-04-02 18:09
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • An app may be able to fingerprint the user
Summary
A permissions issue was addressed with additional restrictions. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to fingerprint the user.
References
Impacted products
Vendor Product Version
Apple iPadOS Version: 0   < 17.7.9
 Create a notification for this product.
   Apple macOS Version: 0   < 13.7.7
Version: 0   < 14.7.7
Version: 0   < 15.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-31279",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T13:31:08.708211Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-200",
                "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-31T17:58:53.213Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:53:01.868Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/34"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/33"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/32"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jul/31"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "17.7.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "14.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to fingerprint the user."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "An app may be able to fingerprint the user",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:09:50.917Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/124148"
        },
        {
          "url": "https://support.apple.com/en-us/124149"
        },
        {
          "url": "https://support.apple.com/en-us/124150"
        },
        {
          "url": "https://support.apple.com/en-us/124151"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2025-31279",
    "datePublished": "2025-07-29T23:29:02.921Z",
    "dateReserved": "2025-03-27T16:13:58.345Z",
    "dateUpdated": "2026-04-02T18:09:50.917Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CERTFR-2026-AVI-0355
Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
Apple iOS iOS versions antérieures à 26.4
Apple iPadOS iPadOS versions antérieures à 26.4
Apple iPadOS iPadOS versions antérieures à 18.7.7
Apple Xcode Xcode versions antérieures à 26.4
Apple visionOS visionOS versions antérieures à 26.4
Apple watchOS watchOS versions antérieures à 26.4
Apple macOS macOS Tahoe versions antérieures à 26.4
Apple macOS macOS Sonoma versions antérieures à 14.8.5
Apple Safari Safari versions antérieures à 26.4
Apple macOS macOS Sequoia versions antérieures à 15.7.5
Apple tvOS tvOS versions antérieures à 26.4
Apple iOS iOS versions antérieures à 18.7.7
References
Bulletin de sécurité Apple 126793 2026-03-24 vendor-advisory
Bulletin de sécurité Apple 126794 2026-03-24 vendor-advisory
Bulletin de sécurité Apple 126798 2026-03-24 vendor-advisory
Bulletin de sécurité Apple 126800 2026-03-24 vendor-advisory
Bulletin de sécurité Apple 126796 2026-03-24 vendor-advisory
Bulletin de sécurité Apple 126792 2026-03-24 vendor-advisory
Bulletin de sécurité Apple 126795 2026-03-24 vendor-advisory
Bulletin de sécurité Apple 126799 2026-03-24 vendor-advisory
Bulletin de sécurité Apple 126797 2026-03-24 vendor-advisory
Bulletin de sécurité Apple 126801 2026-03-24 vendor-advisory

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 26.4",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 26.4",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 18.7.7",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Xcode versions ant\u00e9rieures \u00e0 26.4",
      "product": {
        "name": "Xcode",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "visionOS versions ant\u00e9rieures \u00e0 26.4",
      "product": {
        "name": "visionOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 26.4",
      "product": {
        "name": "watchOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Tahoe versions ant\u00e9rieures \u00e0 26.4",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.8.5",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 26.4",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.7.5",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 26.4",
      "product": {
        "name": "tvOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 18.7.7",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-20684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20684"
    },
    {
      "name": "CVE-2026-28875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28875"
    },
    {
      "name": "CVE-2026-28862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28862"
    },
    {
      "name": "CVE-2026-20698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20698"
    },
    {
      "name": "CVE-2025-59775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59775"
    },
    {
      "name": "CVE-2026-20664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20664"
    },
    {
      "name": "CVE-2026-20692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20692"
    },
    {
      "name": "CVE-2025-43376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43376"
    },
    {
      "name": "CVE-2026-28879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28879"
    },
    {
      "name": "CVE-2026-28834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28834"
    },
    {
      "name": "CVE-2026-28882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28882"
    },
    {
      "name": "CVE-2026-20631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20631"
    },
    {
      "name": "CVE-2025-55753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55753"
    },
    {
      "name": "CVE-2026-28874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28874"
    },
    {
      "name": "CVE-2026-20665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20665"
    },
    {
      "name": "CVE-2026-28822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28822"
    },
    {
      "name": "CVE-2026-28827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28827"
    },
    {
      "name": "CVE-2026-28892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28892"
    },
    {
      "name": "CVE-2026-28895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28895"
    },
    {
      "name": "CVE-2026-28837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28837"
    },
    {
      "name": "CVE-2026-28878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28878"
    },
    {
      "name": "CVE-2026-28823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28823"
    },
    {
      "name": "CVE-2026-28845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28845"
    },
    {
      "name": "CVE-2026-28826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28826"
    },
    {
      "name": "CVE-2026-28886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28886"
    },
    {
      "name": "CVE-2026-28880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28880"
    },
    {
      "name": "CVE-2025-66200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66200"
    },
    {
      "name": "CVE-2026-20687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20687"
    },
    {
      "name": "CVE-2026-28866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28866"
    },
    {
      "name": "CVE-2026-20697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20697"
    },
    {
      "name": "CVE-2026-28863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28863"
    },
    {
      "name": "CVE-2026-28817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28817"
    },
    {
      "name": "CVE-2026-20637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20637"
    },
    {
      "name": "CVE-2026-20607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20607"
    },
    {
      "name": "CVE-2026-28889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28889"
    },
    {
      "name": "CVE-2025-64505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64505"
    },
    {
      "name": "CVE-2026-28824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28824"
    },
    {
      "name": "CVE-2026-28844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28844"
    },
    {
      "name": "CVE-2026-20632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20632"
    },
    {
      "name": "CVE-2026-20668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20668"
    },
    {
      "name": "CVE-2026-28888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28888"
    },
    {
      "name": "CVE-2026-28852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28852"
    },
    {
      "name": "CVE-2026-28829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28829"
    },
    {
      "name": "CVE-2025-65082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-65082"
    },
    {
      "name": "CVE-2026-28861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28861"
    },
    {
      "name": "CVE-2026-28894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28894"
    },
    {
      "name": "CVE-2026-28828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28828"
    },
    {
      "name": "CVE-2025-58098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58098"
    },
    {
      "name": "CVE-2026-28871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28871"
    },
    {
      "name": "CVE-2026-20688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20688"
    },
    {
      "name": "CVE-2026-20699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20699"
    },
    {
      "name": "CVE-2026-28831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28831"
    },
    {
      "name": "CVE-2026-28859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28859"
    },
    {
      "name": "CVE-2026-20694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20694"
    },
    {
      "name": "CVE-2026-20633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20633"
    },
    {
      "name": "CVE-2026-20657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20657"
    },
    {
      "name": "CVE-2026-28890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28890"
    },
    {
      "name": "CVE-2026-20651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20651"
    },
    {
      "name": "CVE-2026-20701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20701"
    },
    {
      "name": "CVE-2026-28816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28816"
    },
    {
      "name": "CVE-2026-28877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28877"
    },
    {
      "name": "CVE-2025-14524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14524"
    },
    {
      "name": "CVE-2026-20691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20691"
    },
    {
      "name": "CVE-2026-28820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28820"
    },
    {
      "name": "CVE-2026-28838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28838"
    },
    {
      "name": "CVE-2026-28842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28842"
    },
    {
      "name": "CVE-2025-43534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43534"
    },
    {
      "name": "CVE-2026-28825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28825"
    },
    {
      "name": "CVE-2026-28865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28865"
    },
    {
      "name": "CVE-2026-20660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20660"
    },
    {
      "name": "CVE-2026-28857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28857"
    },
    {
      "name": "CVE-2026-20639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20639"
    },
    {
      "name": "CVE-2026-20643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20643"
    },
    {
      "name": "CVE-2026-28818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28818"
    },
    {
      "name": "CVE-2026-20690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20690"
    },
    {
      "name": "CVE-2026-20693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20693"
    },
    {
      "name": "CVE-2026-28833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28833"
    },
    {
      "name": "CVE-2026-28876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28876"
    },
    {
      "name": "CVE-2026-20695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20695"
    },
    {
      "name": "CVE-2026-28856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28856"
    },
    {
      "name": "CVE-2026-28891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28891"
    },
    {
      "name": "CVE-2026-28868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28868"
    },
    {
      "name": "CVE-2026-28841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28841"
    },
    {
      "name": "CVE-2026-28821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28821"
    },
    {
      "name": "CVE-2026-28835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28835"
    },
    {
      "name": "CVE-2026-28839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28839"
    },
    {
      "name": "CVE-2026-28867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28867"
    },
    {
      "name": "CVE-2026-28864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28864"
    },
    {
      "name": "CVE-2026-28832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28832"
    },
    {
      "name": "CVE-2026-28858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28858"
    },
    {
      "name": "CVE-2026-28870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28870"
    },
    {
      "name": "CVE-2026-28893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28893"
    },
    {
      "name": "CVE-2026-28881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28881"
    }
  ],
  "initial_release_date": "2026-03-25T00:00:00",
  "last_revision_date": "2026-03-25T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0355",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": "2026-03-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126793",
      "url": "https://support.apple.com/en-us/126793"
    },
    {
      "published_at": "2026-03-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126794",
      "url": "https://support.apple.com/en-us/126794"
    },
    {
      "published_at": "2026-03-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126798",
      "url": "https://support.apple.com/en-us/126798"
    },
    {
      "published_at": "2026-03-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126800",
      "url": "https://support.apple.com/en-us/126800"
    },
    {
      "published_at": "2026-03-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126796",
      "url": "https://support.apple.com/en-us/126796"
    },
    {
      "published_at": "2026-03-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126792",
      "url": "https://support.apple.com/en-us/126792"
    },
    {
      "published_at": "2026-03-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126795",
      "url": "https://support.apple.com/en-us/126795"
    },
    {
      "published_at": "2026-03-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126799",
      "url": "https://support.apple.com/en-us/126799"
    },
    {
      "published_at": "2026-03-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126797",
      "url": "https://support.apple.com/en-us/126797"
    },
    {
      "published_at": "2026-03-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126801",
      "url": "https://support.apple.com/en-us/126801"
    }
  ]
}

CERTFR-2026-AVI-0313
Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans les produits Apple. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
Apple iPadOS iPadOS versions antérieures à 26.3.1 (a)
Apple macOS macOS versions antérieures à 26.3.1 (a)
Apple macOS macOS versions antérieures à 26.3.2 (a)
Apple iOS iOS versions antérieures à 26.3.1 (a)
References
Bulletin de sécurité Apple 126604 2026-03-17 vendor-advisory

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 26.3.1 (a)",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS versions ant\u00e9rieures \u00e0 26.3.1 (a)",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS versions ant\u00e9rieures \u00e0 26.3.2 (a)",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 26.3.1 (a)",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-20643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20643"
    }
  ],
  "initial_release_date": "2026-03-18T00:00:00",
  "last_revision_date": "2026-03-18T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0313",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Apple. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": "2026-03-17",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126604",
      "url": "https://support.apple.com/en-us/126604"
    }
  ]
}

CERTFR-2026-AVI-0280
Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Apple. Elles permettent à un attaquant de provoquer une exécution de code arbitraire et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
Apple iPadOS iPadOS versions antérieures à 15.8.7
Apple iOS iOS versions antérieures à 15.8.7
Apple iOS iOS versions antérieures à 16.7.15
Apple iPadOS iPadOS versions antérieures à 16.7.15
References
Bulletin de sécurité Apple 126646 2026-03-11 vendor-advisory
Bulletin de sécurité Apple 126632 2026-03-11 vendor-advisory

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 15.8.7",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 15.8.7",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 16.7.15",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 16.7.15",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-23222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23222"
    },
    {
      "name": "CVE-2023-43010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43010"
    },
    {
      "name": "CVE-2023-41974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-41974"
    },
    {
      "name": "CVE-2023-43000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43000"
    }
  ],
  "initial_release_date": "2026-03-12T00:00:00",
  "last_revision_date": "2026-03-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0280",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126646",
      "url": "https://support.apple.com/en-us/126646"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126632",
      "url": "https://support.apple.com/en-us/126632"
    }
  ]
}

CERTFR-2026-AVI-0158
Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Apple indique que la vulnérabilité CVE-2026-20700 est activement exploitée.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
Apple iOS iOS versions antérieures à 26.3
Apple iPadOS iPadOS versions antérieures à 18.7.5
Apple macOS macOS Sequoia versions antérieures à 15.7.4
Apple Safari Safari versions antérieures à 26.3
Apple iOS iOS versions antérieures à 18.7.5
Apple N/A watchOS versions antérieures à 26.3
Apple macOS macOS Sonoma versions antérieures à 14.8.4
Apple N/A tvOS versions antérieures à 26.3
Apple macOS macOS Tahoe versions antérieures à 26.3
Apple iPadOS iPadOS versions antérieures à 26.3
Apple N/A visionOS versions antérieures à 26.3
References
Bulletin de sécurité Apple 126346 2026-02-11 vendor-advisory
Bulletin de sécurité Apple 126353 2026-02-11 vendor-advisory
Bulletin de sécurité Apple 126347 2026-02-11 vendor-advisory
Bulletin de sécurité Apple 126352 2026-02-11 vendor-advisory
Bulletin de sécurité Apple 126348 2026-02-11 vendor-advisory
Bulletin de sécurité Apple 126349 2026-02-11 vendor-advisory
Bulletin de sécurité Apple 126351 2026-02-11 vendor-advisory
Bulletin de sécurité Apple 126350 2026-02-11 vendor-advisory
Bulletin de sécurité Apple 126354 2026-02-11 vendor-advisory

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 26.3",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 18.7.5",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.7.4",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 26.3",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 18.7.5",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 26.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.8.4",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 26.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Tahoe versions ant\u00e9rieures \u00e0 26.3",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 26.3",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "visionOS versions ant\u00e9rieures \u00e0 26.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-20624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20624"
    },
    {
      "name": "CVE-2026-20652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20652"
    },
    {
      "name": "CVE-2026-20619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20619"
    },
    {
      "name": "CVE-2026-20606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20606"
    },
    {
      "name": "CVE-2026-20611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20611"
    },
    {
      "name": "CVE-2026-20617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20617"
    },
    {
      "name": "CVE-2025-43417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43417"
    },
    {
      "name": "CVE-2025-46310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46310"
    },
    {
      "name": "CVE-2026-20625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20625"
    },
    {
      "name": "CVE-2026-20650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20650"
    },
    {
      "name": "CVE-2026-20676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20676"
    },
    {
      "name": "CVE-2026-20626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20626"
    },
    {
      "name": "CVE-2026-20666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20666"
    },
    {
      "name": "CVE-2026-20662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20662"
    },
    {
      "name": "CVE-2025-43402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43402"
    },
    {
      "name": "CVE-2026-20658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20658"
    },
    {
      "name": "CVE-2026-20612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20612"
    },
    {
      "name": "CVE-2026-20655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20655"
    },
    {
      "name": "CVE-2026-20638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20638"
    },
    {
      "name": "CVE-2026-20682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20682"
    },
    {
      "name": "CVE-2026-20605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20605"
    },
    {
      "name": "CVE-2026-20674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20674"
    },
    {
      "name": "CVE-2026-20642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20642"
    },
    {
      "name": "CVE-2026-20647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20647"
    },
    {
      "name": "CVE-2026-20628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20628"
    },
    {
      "name": "CVE-2026-20646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20646"
    },
    {
      "name": "CVE-2025-59375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
    },
    {
      "name": "CVE-2026-20608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20608"
    },
    {
      "name": "CVE-2026-20623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20623"
    },
    {
      "name": "CVE-2026-20615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20615"
    },
    {
      "name": "CVE-2026-20630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20630"
    },
    {
      "name": "CVE-2026-20677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20677"
    },
    {
      "name": "CVE-2026-20680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20680"
    },
    {
      "name": "CVE-2026-20661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20661"
    },
    {
      "name": "CVE-2026-20654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20654"
    },
    {
      "name": "CVE-2026-20673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20673"
    },
    {
      "name": "CVE-2026-20636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20636"
    },
    {
      "name": "CVE-2025-46305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46305"
    },
    {
      "name": "CVE-2025-46283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46283"
    },
    {
      "name": "CVE-2025-14174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14174"
    },
    {
      "name": "CVE-2026-20635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20635"
    },
    {
      "name": "CVE-2025-46303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46303"
    },
    {
      "name": "CVE-2025-46301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46301"
    },
    {
      "name": "CVE-2026-20616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20616"
    },
    {
      "name": "CVE-2026-20653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20653"
    },
    {
      "name": "CVE-2026-20602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20602"
    },
    {
      "name": "CVE-2025-46300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46300"
    },
    {
      "name": "CVE-2026-20656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20656"
    },
    {
      "name": "CVE-2026-20609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20609"
    },
    {
      "name": "CVE-2025-43338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43338"
    },
    {
      "name": "CVE-2026-20627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20627"
    },
    {
      "name": "CVE-2026-20663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20663"
    },
    {
      "name": "CVE-2026-20621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20621"
    },
    {
      "name": "CVE-2026-20681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20681"
    },
    {
      "name": "CVE-2026-20678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20678"
    },
    {
      "name": "CVE-2026-20667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20667"
    },
    {
      "name": "CVE-2025-43403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43403"
    },
    {
      "name": "CVE-2026-20603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20603"
    },
    {
      "name": "CVE-2025-46304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46304"
    },
    {
      "name": "CVE-2025-43537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43537"
    },
    {
      "name": "CVE-2026-20620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20620"
    },
    {
      "name": "CVE-2026-20644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20644"
    },
    {
      "name": "CVE-2025-43529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43529"
    },
    {
      "name": "CVE-2025-46290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46290"
    },
    {
      "name": "CVE-2026-20641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20641"
    },
    {
      "name": "CVE-2026-20649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20649"
    },
    {
      "name": "CVE-2025-46302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46302"
    },
    {
      "name": "CVE-2026-20660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20660"
    },
    {
      "name": "CVE-2026-20648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20648"
    },
    {
      "name": "CVE-2026-20671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20671"
    },
    {
      "name": "CVE-2026-20610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20610"
    },
    {
      "name": "CVE-2026-20618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20618"
    },
    {
      "name": "CVE-2026-20700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20700"
    },
    {
      "name": "CVE-2026-20640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20640"
    },
    {
      "name": "CVE-2026-20601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20601"
    },
    {
      "name": "CVE-2025-43533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43533"
    },
    {
      "name": "CVE-2026-20629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20629"
    },
    {
      "name": "CVE-2026-20634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20634"
    },
    {
      "name": "CVE-2026-20669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20669"
    },
    {
      "name": "CVE-2026-20645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20645"
    },
    {
      "name": "CVE-2026-20675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20675"
    },
    {
      "name": "CVE-2026-20614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20614"
    }
  ],
  "initial_release_date": "2026-02-12T00:00:00",
  "last_revision_date": "2026-02-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0158",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-02-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nApple indique que la vuln\u00e9rabilit\u00e9 CVE-2026-20700 est activement exploit\u00e9e.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": "2026-02-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126346",
      "url": "https://support.apple.com/en-us/126346"
    },
    {
      "published_at": "2026-02-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126353",
      "url": "https://support.apple.com/en-us/126353"
    },
    {
      "published_at": "2026-02-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126347",
      "url": "https://support.apple.com/en-us/126347"
    },
    {
      "published_at": "2026-02-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126352",
      "url": "https://support.apple.com/en-us/126352"
    },
    {
      "published_at": "2026-02-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126348",
      "url": "https://support.apple.com/en-us/126348"
    },
    {
      "published_at": "2026-02-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126349",
      "url": "https://support.apple.com/en-us/126349"
    },
    {
      "published_at": "2026-02-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126351",
      "url": "https://support.apple.com/en-us/126351"
    },
    {
      "published_at": "2026-02-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126350",
      "url": "https://support.apple.com/en-us/126350"
    },
    {
      "published_at": "2026-02-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 126354",
      "url": "https://support.apple.com/en-us/126354"
    }
  ]
}

CERTFR-2025-AVI-1110
Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Apple indique que les vulnérabilités CVE-2025-14174 et CVE-2025-43529 sont activement exploitées.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
Apple macOS macOS Sonoma versions antérieures à 14.8.3
Apple watchOS watchOS versions antérieures à 26.2
Apple iOS iOS versions 26.x antérieures à 26.2
Apple macOS macOS Tahoe versions antérieures à 26.2
Apple macOS macOS Sequoia versions antérieures à 15.7.3
Apple tvOS tvOS versions antérieures à 26.2
Apple Safari Safari versions antérieures à 26.2
Apple iOS iOS versions 18.7.x antérieures à 18.7.3
Apple iPadOS iPadOS versions 18.7.x antérieures à 18.7.3
Apple visionOS visionOS versions antérieures à 26.2
Apple iPadOS iPadOS versions 26.x antérieures à 26.2
References
Bulletin de sécurité Apple 125887 2025-12-12 vendor-advisory
Bulletin de sécurité Apple 125891 2025-12-12 vendor-advisory
Bulletin de sécurité Apple 125884 2025-12-12 vendor-advisory
Bulletin de sécurité Apple 125886 2025-12-12 vendor-advisory
Bulletin de sécurité Apple 125885 2025-12-12 vendor-advisory
Bulletin de sécurité Apple 125889 2025-12-12 vendor-advisory
Bulletin de sécurité Apple 125890 2025-12-12 vendor-advisory
Bulletin de sécurité Apple 125892 2025-12-12 vendor-advisory
Bulletin de sécurité Apple 125888 2025-12-12 vendor-advisory

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.8.3",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 26.2",
      "product": {
        "name": "watchOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions 26.x ant\u00e9rieures \u00e0 26.2",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Tahoe versions ant\u00e9rieures \u00e0 26.2",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.7.3",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 26.2",
      "product": {
        "name": "tvOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 26.2",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions 18.7.x ant\u00e9rieures \u00e0 18.7.3",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions 18.7.x ant\u00e9rieures \u00e0 18.7.3",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "visionOS versions ant\u00e9rieures \u00e0 26.2",
      "product": {
        "name": "visionOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions 26.x ant\u00e9rieures \u00e0 26.2",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-43517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43517"
    },
    {
      "name": "CVE-2025-46291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46291"
    },
    {
      "name": "CVE-2025-46282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46282"
    },
    {
      "name": "CVE-2025-46292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46292"
    },
    {
      "name": "CVE-2025-43539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43539"
    },
    {
      "name": "CVE-2025-43320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43320"
    },
    {
      "name": "CVE-2025-43536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43536"
    },
    {
      "name": "CVE-2025-43514",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43514"
    },
    {
      "name": "CVE-2025-46289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46289"
    },
    {
      "name": "CVE-2025-43511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43511"
    },
    {
      "name": "CVE-2025-46278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46278"
    },
    {
      "name": "CVE-2025-43523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43523"
    },
    {
      "name": "CVE-2024-8906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8906"
    },
    {
      "name": "CVE-2024-7264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
    },
    {
      "name": "CVE-2025-43513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43513"
    },
    {
      "name": "CVE-2025-43522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43522"
    },
    {
      "name": "CVE-2025-46279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46279"
    },
    {
      "name": "CVE-2025-43416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43416"
    },
    {
      "name": "CVE-2025-43410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43410"
    },
    {
      "name": "CVE-2025-43475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43475"
    },
    {
      "name": "CVE-2025-43542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43542"
    },
    {
      "name": "CVE-2025-46283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46283"
    },
    {
      "name": "CVE-2025-14174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14174"
    },
    {
      "name": "CVE-2025-43519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43519"
    },
    {
      "name": "CVE-2025-5918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
    },
    {
      "name": "CVE-2025-43526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43526"
    },
    {
      "name": "CVE-2025-46277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46277"
    },
    {
      "name": "CVE-2025-43518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43518"
    },
    {
      "name": "CVE-2025-43527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43527"
    },
    {
      "name": "CVE-2025-46285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46285"
    },
    {
      "name": "CVE-2025-9086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
    },
    {
      "name": "CVE-2025-43482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43482"
    },
    {
      "name": "CVE-2025-43532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43532"
    },
    {
      "name": "CVE-2025-43538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43538"
    },
    {
      "name": "CVE-2025-46288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46288"
    },
    {
      "name": "CVE-2025-43541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43541"
    },
    {
      "name": "CVE-2025-43529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43529"
    },
    {
      "name": "CVE-2025-43516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43516"
    },
    {
      "name": "CVE-2025-46281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46281"
    },
    {
      "name": "CVE-2025-43530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43530"
    },
    {
      "name": "CVE-2025-43501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43501"
    },
    {
      "name": "CVE-2025-46276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46276"
    },
    {
      "name": "CVE-2025-43533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43533"
    },
    {
      "name": "CVE-2025-43428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43428"
    },
    {
      "name": "CVE-2025-43512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43512"
    },
    {
      "name": "CVE-2025-43535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43535"
    },
    {
      "name": "CVE-2025-43521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43521"
    },
    {
      "name": "CVE-2025-43531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43531"
    },
    {
      "name": "CVE-2025-46287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46287"
    },
    {
      "name": "CVE-2025-43509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43509"
    },
    {
      "name": "CVE-2025-43463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43463"
    }
  ],
  "initial_release_date": "2025-12-15T00:00:00",
  "last_revision_date": "2025-12-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1110",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nApple indique que les vuln\u00e9rabilit\u00e9s CVE-2025-14174 et CVE-2025-43529 sont activement exploit\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": "2025-12-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125887",
      "url": "https://support.apple.com/en-us/125887"
    },
    {
      "published_at": "2025-12-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125891",
      "url": "https://support.apple.com/en-us/125891"
    },
    {
      "published_at": "2025-12-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125884",
      "url": "https://support.apple.com/en-us/125884"
    },
    {
      "published_at": "2025-12-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125886",
      "url": "https://support.apple.com/en-us/125886"
    },
    {
      "published_at": "2025-12-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125885",
      "url": "https://support.apple.com/en-us/125885"
    },
    {
      "published_at": "2025-12-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125889",
      "url": "https://support.apple.com/en-us/125889"
    },
    {
      "published_at": "2025-12-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125890",
      "url": "https://support.apple.com/en-us/125890"
    },
    {
      "published_at": "2025-12-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125892",
      "url": "https://support.apple.com/en-us/125892"
    },
    {
      "published_at": "2025-12-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125888",
      "url": "https://support.apple.com/en-us/125888"
    }
  ]
}

CERTFR-2025-AVI-0974
Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans Apple iOS et iPadOS. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
Apple iPadOS iPadOS versions antérieures à 18.7.2
Apple iOS iOS versions antérieures à 18.7.2
References
Bulletin de sécurité Apple 125633 2025-11-05 vendor-advisory

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 18.7.2",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 18.7.2",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-43441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43441"
    },
    {
      "name": "CVE-2025-43443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43443"
    },
    {
      "name": "CVE-2025-43448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43448"
    },
    {
      "name": "CVE-2025-43431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43431"
    },
    {
      "name": "CVE-2025-43496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43496"
    },
    {
      "name": "CVE-2025-43450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43450"
    },
    {
      "name": "CVE-2025-43384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43384"
    },
    {
      "name": "CVE-2025-43434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43434"
    },
    {
      "name": "CVE-2025-43503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43503"
    },
    {
      "name": "CVE-2025-43458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43458"
    },
    {
      "name": "CVE-2025-43423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43423"
    },
    {
      "name": "CVE-2025-43392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43392"
    },
    {
      "name": "CVE-2025-43386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43386"
    },
    {
      "name": "CVE-2025-43493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43493"
    },
    {
      "name": "CVE-2025-43418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43418"
    },
    {
      "name": "CVE-2025-43435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43435"
    },
    {
      "name": "CVE-2025-43442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43442"
    },
    {
      "name": "CVE-2025-43377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43377"
    },
    {
      "name": "CVE-2025-43438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43438"
    },
    {
      "name": "CVE-2025-43429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43429"
    },
    {
      "name": "CVE-2025-43385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43385"
    },
    {
      "name": "CVE-2025-43444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43444"
    },
    {
      "name": "CVE-2025-43365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43365"
    },
    {
      "name": "CVE-2025-43495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43495"
    },
    {
      "name": "CVE-2025-43499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43499"
    },
    {
      "name": "CVE-2025-43445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43445"
    },
    {
      "name": "CVE-2025-43399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43399"
    },
    {
      "name": "CVE-2025-43383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43383"
    },
    {
      "name": "CVE-2025-43507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43507"
    },
    {
      "name": "CVE-2025-43433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43433"
    },
    {
      "name": "CVE-2025-43454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43454"
    },
    {
      "name": "CVE-2025-43439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43439"
    },
    {
      "name": "CVE-2025-43389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43389"
    },
    {
      "name": "CVE-2025-43398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43398"
    }
  ],
  "initial_release_date": "2025-11-06T00:00:00",
  "last_revision_date": "2025-11-06T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0974",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-11-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Apple iOS et iPadOS. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iOS et iPadOS",
  "vendor_advisories": [
    {
      "published_at": "2025-11-05",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125633",
      "url": "https://support.apple.com/en-us/125633"
    }
  ]
}

CERTFR-2025-AVI-0961
Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
Apple macOS macOS Tahoe versions antérieures à 26.1
Apple iPadOS iPadOS versions antérieures à 26.1
Apple macOS macOS Sequoia versions antérieures à 15.7.2
Apple Safari Safari versions antérieures à 26.1
Apple Xcode Xcode versions antérieures à 26.1
Apple watchOS watchOS versions antérieures à 26.1
Apple iOS iOS versions antérieures à 26.1
Apple tvOS tvOS versions antérieures à 26.1
Apple macOS macOS Sonoma versions antérieures à 14.8.2
Apple visionOS visionOS versions antérieures à 26.1
References
Bulletin de sécurité Apple 125639 2025-11-03 vendor-advisory
Bulletin de sécurité Apple 125640 2025-11-03 vendor-advisory
Bulletin de sécurité Apple 125634 2025-11-03 vendor-advisory
Bulletin de sécurité Apple 125632 2025-11-03 vendor-advisory
Bulletin de sécurité Apple 125638 2025-11-03 vendor-advisory
Bulletin de sécurité Apple 125635 2025-11-03 vendor-advisory
Bulletin de sécurité Apple 125641 2025-11-03 vendor-advisory
Bulletin de sécurité Apple 125636 2025-11-03 vendor-advisory
Bulletin de sécurité Apple 125637 2025-11-03 vendor-advisory

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "macOS Tahoe versions ant\u00e9rieures \u00e0 26.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 26.1",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.7.2",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 26.1",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Xcode versions ant\u00e9rieures \u00e0 26.1",
      "product": {
        "name": "Xcode",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 26.1",
      "product": {
        "name": "watchOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 26.1",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 26.1",
      "product": {
        "name": "tvOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.8.2",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "visionOS versions ant\u00e9rieures \u00e0 26.1",
      "product": {
        "name": "visionOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-43292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43292"
    },
    {
      "name": "CVE-2025-43505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43505"
    },
    {
      "name": "CVE-2025-43432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43432"
    },
    {
      "name": "CVE-2025-43372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43372"
    },
    {
      "name": "CVE-2025-43426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43426"
    },
    {
      "name": "CVE-2025-43480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43480"
    },
    {
      "name": "CVE-2025-43449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43449"
    },
    {
      "name": "CVE-2025-43348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43348"
    },
    {
      "name": "CVE-2025-43351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43351"
    },
    {
      "name": "CVE-2025-43373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43373"
    },
    {
      "name": "CVE-2025-43441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43441"
    },
    {
      "name": "CVE-2025-43443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43443"
    },
    {
      "name": "CVE-2025-43476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43476"
    },
    {
      "name": "CVE-2025-30465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30465"
    },
    {
      "name": "CVE-2025-43448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43448"
    },
    {
      "name": "CVE-2025-43497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43497"
    },
    {
      "name": "CVE-2025-43446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43446"
    },
    {
      "name": "CVE-2025-43500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43500"
    },
    {
      "name": "CVE-2025-43431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43431"
    },
    {
      "name": "CVE-2025-43452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43452"
    },
    {
      "name": "CVE-2025-43504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43504"
    },
    {
      "name": "CVE-2025-43467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43467"
    },
    {
      "name": "CVE-2025-43496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43496"
    },
    {
      "name": "CVE-2025-43420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43420"
    },
    {
      "name": "CVE-2025-43450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43450"
    },
    {
      "name": "CVE-2025-43406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43406"
    },
    {
      "name": "CVE-2025-43402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43402"
    },
    {
      "name": "CVE-2025-43384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43384"
    },
    {
      "name": "CVE-2025-43434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43434"
    },
    {
      "name": "CVE-2025-43422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43422"
    },
    {
      "name": "CVE-2025-43503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43503"
    },
    {
      "name": "CVE-2025-43502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43502"
    },
    {
      "name": "CVE-2025-43440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43440"
    },
    {
      "name": "CVE-2024-43398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
    },
    {
      "name": "CVE-2025-43427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43427"
    },
    {
      "name": "CVE-2025-43394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43394"
    },
    {
      "name": "CVE-2025-43335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43335"
    },
    {
      "name": "CVE-2025-43458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43458"
    },
    {
      "name": "CVE-2025-43411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43411"
    },
    {
      "name": "CVE-2025-43469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43469"
    },
    {
      "name": "CVE-2025-43498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43498"
    },
    {
      "name": "CVE-2025-43424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43424"
    },
    {
      "name": "CVE-2025-43423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43423"
    },
    {
      "name": "CVE-2025-43472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43472"
    },
    {
      "name": "CVE-2025-43459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43459"
    },
    {
      "name": "CVE-2025-43392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43392"
    },
    {
      "name": "CVE-2025-43462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43462"
    },
    {
      "name": "CVE-2025-43401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43401"
    },
    {
      "name": "CVE-2025-43386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43386"
    },
    {
      "name": "CVE-2025-43493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43493"
    },
    {
      "name": "CVE-2025-43481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43481"
    },
    {
      "name": "CVE-2025-43405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43405"
    },
    {
      "name": "CVE-2025-43506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43506"
    },
    {
      "name": "CVE-2025-43322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43322"
    },
    {
      "name": "CVE-2025-32462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
    },
    {
      "name": "CVE-2025-43400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43400"
    },
    {
      "name": "CVE-2025-43468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43468"
    },
    {
      "name": "CVE-2025-43395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43395"
    },
    {
      "name": "CVE-2025-43421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43421"
    },
    {
      "name": "CVE-2025-43435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43435"
    },
    {
      "name": "CVE-2025-43464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43464"
    },
    {
      "name": "CVE-2025-43442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43442"
    },
    {
      "name": "CVE-2025-43377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43377"
    },
    {
      "name": "CVE-2025-43438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43438"
    },
    {
      "name": "CVE-2025-43460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43460"
    },
    {
      "name": "CVE-2025-43429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43429"
    },
    {
      "name": "CVE-2025-43407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43407"
    },
    {
      "name": "CVE-2025-43334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43334"
    },
    {
      "name": "CVE-2025-43414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43414"
    },
    {
      "name": "CVE-2025-43385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43385"
    },
    {
      "name": "CVE-2025-43444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43444"
    },
    {
      "name": "CVE-2025-43404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43404"
    },
    {
      "name": "CVE-2025-43495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43495"
    },
    {
      "name": "CVE-2025-43465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43465"
    },
    {
      "name": "CVE-2025-43461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43461"
    },
    {
      "name": "CVE-2025-43294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43294"
    },
    {
      "name": "CVE-2025-43390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43390"
    },
    {
      "name": "CVE-2025-43499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43499"
    },
    {
      "name": "CVE-2025-43350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43350"
    },
    {
      "name": "CVE-2025-43391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43391"
    },
    {
      "name": "CVE-2025-43378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43378"
    },
    {
      "name": "CVE-2025-43473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43473"
    },
    {
      "name": "CVE-2025-43445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43445"
    },
    {
      "name": "CVE-2025-43338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43338"
    },
    {
      "name": "CVE-2025-43409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43409"
    },
    {
      "name": "CVE-2025-43399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43399"
    },
    {
      "name": "CVE-2025-43383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43383"
    },
    {
      "name": "CVE-2025-43474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43474"
    },
    {
      "name": "CVE-2025-43471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43471"
    },
    {
      "name": "CVE-2025-43387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43387"
    },
    {
      "name": "CVE-2025-43479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43479"
    },
    {
      "name": "CVE-2025-43447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43447"
    },
    {
      "name": "CVE-2025-43477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43477"
    },
    {
      "name": "CVE-2025-43413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43413"
    },
    {
      "name": "CVE-2025-43507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43507"
    },
    {
      "name": "CVE-2025-43336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43336"
    },
    {
      "name": "CVE-2025-43433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43433"
    },
    {
      "name": "CVE-2025-43430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43430"
    },
    {
      "name": "CVE-2025-43337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43337"
    },
    {
      "name": "CVE-2025-43380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43380"
    },
    {
      "name": "CVE-2025-43397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43397"
    },
    {
      "name": "CVE-2025-43455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43455"
    },
    {
      "name": "CVE-2025-53906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
    },
    {
      "name": "CVE-2025-43412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43412"
    },
    {
      "name": "CVE-2025-43388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43388"
    },
    {
      "name": "CVE-2025-43396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43396"
    },
    {
      "name": "CVE-2025-43454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43454"
    },
    {
      "name": "CVE-2025-43439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43439"
    },
    {
      "name": "CVE-2025-43381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43381"
    },
    {
      "name": "CVE-2025-43382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43382"
    },
    {
      "name": "CVE-2025-43466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43466"
    },
    {
      "name": "CVE-2025-43364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43364"
    },
    {
      "name": "CVE-2025-43393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43393"
    },
    {
      "name": "CVE-2025-43389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43389"
    },
    {
      "name": "CVE-2025-43457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43457"
    },
    {
      "name": "CVE-2025-43361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43361"
    },
    {
      "name": "CVE-2025-43398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43398"
    },
    {
      "name": "CVE-2025-31199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31199"
    },
    {
      "name": "CVE-2025-43408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43408"
    },
    {
      "name": "CVE-2025-43379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43379"
    },
    {
      "name": "CVE-2025-6442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6442"
    },
    {
      "name": "CVE-2025-43425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43425"
    },
    {
      "name": "CVE-2025-43478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43478"
    },
    {
      "name": "CVE-2025-43436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43436"
    },
    {
      "name": "CVE-2024-49761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
    },
    {
      "name": "CVE-2025-43463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43463"
    }
  ],
  "initial_release_date": "2025-11-04T00:00:00",
  "last_revision_date": "2025-11-04T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0961",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-11-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": "2025-11-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125639",
      "url": "https://support.apple.com/en-us/125639"
    },
    {
      "published_at": "2025-11-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125640",
      "url": "https://support.apple.com/en-us/125640"
    },
    {
      "published_at": "2025-11-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125634",
      "url": "https://support.apple.com/en-us/125634"
    },
    {
      "published_at": "2025-11-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125632",
      "url": "https://support.apple.com/en-us/125632"
    },
    {
      "published_at": "2025-11-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125638",
      "url": "https://support.apple.com/en-us/125638"
    },
    {
      "published_at": "2025-11-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125635",
      "url": "https://support.apple.com/en-us/125635"
    },
    {
      "published_at": "2025-11-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125641",
      "url": "https://support.apple.com/en-us/125641"
    },
    {
      "published_at": "2025-11-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125636",
      "url": "https://support.apple.com/en-us/125636"
    },
    {
      "published_at": "2025-11-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125637",
      "url": "https://support.apple.com/en-us/125637"
    }
  ]
}

CERTFR-2025-AVI-0831
Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans les produits Apple. Elle permet à un attaquant de provoquer un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
Apple iPadOS iPadOS versions antérieures à 26.0.1
Apple iOS iOS versions antérieures à 18.7.1
Apple macOS macOS Tahoe versions antérieures à 26.0.1
Apple macOS macOS Sonoma versions antérieures à 14.8.1
Apple iPadOS iPadOS versions antérieures à 18.7.1
Apple iOS iOS versions antérieures à 26.0.1
Apple visionOS visionOS versions antérieures à 26.0.1
Apple macOS macOS Sequoia versions antérieures à 15.7.1
References
Bulletin de sécurité Apple 125327 2025-09-29 vendor-advisory
Bulletin de sécurité Apple 125330 2025-09-29 vendor-advisory
Bulletin de sécurité Apple 125329 2025-09-29 vendor-advisory
Bulletin de sécurité Apple 125338 2025-09-29 vendor-advisory
Bulletin de sécurité Apple 125328 2025-09-29 vendor-advisory
Bulletin de sécurité Apple 125326 2025-09-29 vendor-advisory

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 26.0.1",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 18.7.1",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Tahoe versions ant\u00e9rieures \u00e0 26.0.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.8.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 18.7.1",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 26.0.1",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "visionOS versions ant\u00e9rieures \u00e0 26.0.1",
      "product": {
        "name": "visionOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.7.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-43400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43400"
    }
  ],
  "initial_release_date": "2025-09-30T00:00:00",
  "last_revision_date": "2025-09-30T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0831",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-09-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Apple. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": "2025-09-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125327",
      "url": "https://support.apple.com/en-us/125327"
    },
    {
      "published_at": "2025-09-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125330",
      "url": "https://support.apple.com/en-us/125330"
    },
    {
      "published_at": "2025-09-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125329",
      "url": "https://support.apple.com/en-us/125329"
    },
    {
      "published_at": "2025-09-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125338",
      "url": "https://support.apple.com/en-us/125338"
    },
    {
      "published_at": "2025-09-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125328",
      "url": "https://support.apple.com/en-us/125328"
    },
    {
      "published_at": "2025-09-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125326",
      "url": "https://support.apple.com/en-us/125326"
    }
  ]
}

CERTFR-2025-AVI-0791
Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.

Apple indique que la vulnérabilité CVE-2025-43300 est activement exploitée.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
Apple iPadOS iPadOS versions antérieures à 26
Apple watchOS watchOS versions antérieures à 26
Apple iOS iOS versions 16.x antérieures à 16.7.12
Apple macOS macOS Sonoma versions antérieures à 14.8
Apple tvOS tvOS versions antérieures à 26
Apple macOS macOS Sequoia versions antérieures à 15.7
Apple iOS iOS versions antérieures à 26
Apple iOS iOS versions 15.x antérieures à 15.8.5
Apple iOS iOS versions 18.x antérieures à 18.7
Apple visionOS visionOS versions antérieures à 26
Apple Xcode Xcode versions antérieures à 26
Apple Safari Safari versions antérieures à 26
Apple iPadOS iPadOS versions 15.x antérieures à 15.8.5
Apple iPadOS iPadOS versions 16.x antérieures à 16.7.12
Apple macOS macOS Tahoe versions antérieures à 26
Apple iPadOS iPadOS versions 18.x antérieures à 18.7
References
Bulletin de sécurité Apple 125112 2025-09-15 vendor-advisory
Bulletin de sécurité Apple 125116 2025-09-15 vendor-advisory
Bulletin de sécurité Apple 125110 2025-09-15 vendor-advisory
Bulletin de sécurité Apple 125115 2025-09-15 vendor-advisory
Bulletin de sécurité Apple 125141 2025-09-15 vendor-advisory
Bulletin de sécurité Apple 125117 2025-09-15 vendor-advisory
Bulletin de sécurité Apple 125114 2025-09-15 vendor-advisory
Bulletin de sécurité Apple 125108 2025-09-15 vendor-advisory
Bulletin de sécurité Apple 125111 2025-09-15 vendor-advisory
Bulletin de sécurité Apple 125109 2025-09-15 vendor-advisory
Bulletin de sécurité Apple 125142 2025-09-15 vendor-advisory
Bulletin de sécurité Apple 125113 2025-09-15 vendor-advisory

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 26",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 26",
      "product": {
        "name": "watchOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions 16.x ant\u00e9rieures \u00e0 16.7.12",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.8",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 26",
      "product": {
        "name": "tvOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.7",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 26",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions 15.x ant\u00e9rieures \u00e0 15.8.5",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions 18.x ant\u00e9rieures \u00e0 18.7",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "visionOS versions ant\u00e9rieures \u00e0 26",
      "product": {
        "name": "visionOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Xcode versions ant\u00e9rieures \u00e0 26",
      "product": {
        "name": "Xcode",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 26",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions 15.x ant\u00e9rieures \u00e0 15.8.5",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions 16.x ant\u00e9rieures \u00e0 16.7.12",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Tahoe versions ant\u00e9rieures \u00e0 26",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions 18.x ant\u00e9rieures \u00e0 18.7",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-43292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43292"
    },
    {
      "name": "CVE-2025-43372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43372"
    },
    {
      "name": "CVE-2025-43332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43332"
    },
    {
      "name": "CVE-2025-31270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31270"
    },
    {
      "name": "CVE-2025-43362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43362"
    },
    {
      "name": "CVE-2025-43319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43319"
    },
    {
      "name": "CVE-2025-43340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43340"
    },
    {
      "name": "CVE-2025-43327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43327"
    },
    {
      "name": "CVE-2025-30468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30468"
    },
    {
      "name": "CVE-2025-43359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43359"
    },
    {
      "name": "CVE-2025-43262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43262"
    },
    {
      "name": "CVE-2024-27280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
    },
    {
      "name": "CVE-2025-31269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31269"
    },
    {
      "name": "CVE-2025-43354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43354"
    },
    {
      "name": "CVE-2025-43326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43326"
    },
    {
      "name": "CVE-2025-43204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43204"
    },
    {
      "name": "CVE-2025-43273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43273"
    },
    {
      "name": "CVE-2025-43347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43347"
    },
    {
      "name": "CVE-2025-43302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43302"
    },
    {
      "name": "CVE-2025-43321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43321"
    },
    {
      "name": "CVE-2025-31254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31254"
    },
    {
      "name": "CVE-2025-43299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43299"
    },
    {
      "name": "CVE-2025-43316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43316"
    },
    {
      "name": "CVE-2025-43263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43263"
    },
    {
      "name": "CVE-2025-31255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31255"
    },
    {
      "name": "CVE-2025-43375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43375"
    },
    {
      "name": "CVE-2025-6965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
    },
    {
      "name": "CVE-2025-43355",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43355"
    },
    {
      "name": "CVE-2025-43207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43207"
    },
    {
      "name": "CVE-2025-43285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43285"
    },
    {
      "name": "CVE-2025-43370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43370"
    },
    {
      "name": "CVE-2025-43312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43312"
    },
    {
      "name": "CVE-2025-43317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43317"
    },
    {
      "name": "CVE-2025-31271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31271"
    },
    {
      "name": "CVE-2025-43208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43208"
    },
    {
      "name": "CVE-2025-43283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43283"
    },
    {
      "name": "CVE-2025-48384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48384"
    },
    {
      "name": "CVE-2025-43277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43277"
    },
    {
      "name": "CVE-2025-43325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43325"
    },
    {
      "name": "CVE-2025-43231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43231"
    },
    {
      "name": "CVE-2025-24197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24197"
    },
    {
      "name": "CVE-2025-43358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43358"
    },
    {
      "name": "CVE-2025-43328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43328"
    },
    {
      "name": "CVE-2025-43368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43368"
    },
    {
      "name": "CVE-2025-43315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43315"
    },
    {
      "name": "CVE-2025-43331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43331"
    },
    {
      "name": "CVE-2025-43310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43310"
    },
    {
      "name": "CVE-2025-43333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43333"
    },
    {
      "name": "CVE-2025-43203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43203"
    },
    {
      "name": "CVE-2025-43307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43307"
    },
    {
      "name": "CVE-2025-43297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43297"
    },
    {
      "name": "CVE-2025-43190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43190"
    },
    {
      "name": "CVE-2025-24088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24088"
    },
    {
      "name": "CVE-2025-43293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43293"
    },
    {
      "name": "CVE-2025-43343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43343"
    },
    {
      "name": "CVE-2025-43294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43294"
    },
    {
      "name": "CVE-2025-43286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43286"
    },
    {
      "name": "CVE-2025-43353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43353"
    },
    {
      "name": "CVE-2025-43356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43356"
    },
    {
      "name": "CVE-2025-43330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43330"
    },
    {
      "name": "CVE-2025-43272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43272"
    },
    {
      "name": "CVE-2025-31259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31259"
    },
    {
      "name": "CVE-2025-31268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31268"
    },
    {
      "name": "CVE-2025-43366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43366"
    },
    {
      "name": "CVE-2025-43298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43298"
    },
    {
      "name": "CVE-2025-43369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43369"
    },
    {
      "name": "CVE-2025-43308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43308"
    },
    {
      "name": "CVE-2025-43346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43346"
    },
    {
      "name": "CVE-2025-40909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
    },
    {
      "name": "CVE-2025-43337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43337"
    },
    {
      "name": "CVE-2025-24133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24133"
    },
    {
      "name": "CVE-2025-43279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43279"
    },
    {
      "name": "CVE-2025-43314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43314"
    },
    {
      "name": "CVE-2025-43300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43300"
    },
    {
      "name": "CVE-2025-43342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43342"
    },
    {
      "name": "CVE-2025-43349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43349"
    },
    {
      "name": "CVE-2025-43341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43341"
    },
    {
      "name": "CVE-2025-43301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43301"
    },
    {
      "name": "CVE-2025-43318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43318"
    },
    {
      "name": "CVE-2025-43344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43344"
    },
    {
      "name": "CVE-2025-43311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43311"
    },
    {
      "name": "CVE-2025-43287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43287"
    },
    {
      "name": "CVE-2025-43303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43303"
    },
    {
      "name": "CVE-2025-43304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43304"
    },
    {
      "name": "CVE-2025-43291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43291"
    },
    {
      "name": "CVE-2025-43329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43329"
    },
    {
      "name": "CVE-2025-43357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43357"
    },
    {
      "name": "CVE-2025-43367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43367"
    },
    {
      "name": "CVE-2025-43371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43371"
    },
    {
      "name": "CVE-2025-43295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43295"
    },
    {
      "name": "CVE-2025-43305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43305"
    }
  ],
  "initial_release_date": "2025-09-16T00:00:00",
  "last_revision_date": "2025-09-16T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0791",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-09-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nApple indique que la vuln\u00e9rabilit\u00e9 CVE-2025-43300 est activement exploit\u00e9e.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125112",
      "url": "https://support.apple.com/en-us/125112"
    },
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125116",
      "url": "https://support.apple.com/en-us/125116"
    },
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125110",
      "url": "https://support.apple.com/en-us/125110"
    },
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125115",
      "url": "https://support.apple.com/en-us/125115"
    },
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125141",
      "url": "https://support.apple.com/en-us/125141"
    },
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125117",
      "url": "https://support.apple.com/en-us/125117"
    },
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125114",
      "url": "https://support.apple.com/en-us/125114"
    },
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125108",
      "url": "https://support.apple.com/en-us/125108"
    },
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125111",
      "url": "https://support.apple.com/en-us/125111"
    },
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125109",
      "url": "https://support.apple.com/en-us/125109"
    },
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125142",
      "url": "https://support.apple.com/en-us/125142"
    },
    {
      "published_at": "2025-09-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 125113",
      "url": "https://support.apple.com/en-us/125113"
    }
  ]
}

CERTFR-2025-AVI-0716
Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans les produits Apple. Elle permet à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Apple indique que la vulnérabilité CVE-2025-43300 est activement exploitée dans le cadre d'attaques ciblées.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
Apple macOS macOS Sonoma versions antérieures à 14.7.8
Apple iPadOS iPadOS versions antérieures à 17.7.10
Apple iOS iOS versions antérieures à 18.6.2
Apple iPadOS iPadOS versions antérieures à 18.6.2
Apple macOS macOS Ventura versions antérieures à 13.7.8
Apple macOS macOS Sequoia versions antérieures à 15.6.1
References
Bulletin de sécurité Apple 124925 2025-08-20 vendor-advisory
Bulletin de sécurité Apple 124928 2025-08-20 vendor-advisory
Bulletin de sécurité Apple 124926 2025-08-20 vendor-advisory
Bulletin de sécurité Apple 124929 2025-08-20 vendor-advisory
Bulletin de sécurité Apple 124927 2025-08-20 vendor-advisory

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.7.8",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 17.7.10",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 18.6.2",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 18.6.2",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Ventura versions ant\u00e9rieures \u00e0 13.7.8",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.6.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-43300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43300"
    }
  ],
  "initial_release_date": "2025-08-21T00:00:00",
  "last_revision_date": "2025-08-21T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0716",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-08-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Apple. Elle permet \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n\nApple indique que la vuln\u00e9rabilit\u00e9 CVE-2025-43300 est activement exploit\u00e9e dans le cadre d\u0027attaques cibl\u00e9es.",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": "2025-08-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124925",
      "url": "https://support.apple.com/en-us/124925"
    },
    {
      "published_at": "2025-08-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124928",
      "url": "https://support.apple.com/en-us/124928"
    },
    {
      "published_at": "2025-08-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124926",
      "url": "https://support.apple.com/en-us/124926"
    },
    {
      "published_at": "2025-08-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124929",
      "url": "https://support.apple.com/en-us/124929"
    },
    {
      "published_at": "2025-08-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124927",
      "url": "https://support.apple.com/en-us/124927"
    }
  ]
}

CERTFR-2025-AVI-0640
Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.

Google indique que la vulnérabilité CVE-2025-6558 est activement exploitée.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
Apple N/A tvOS versions antérieures à 18.6
Apple iOS iOS versions antérieures à 18.6
Apple N/A visionOS versions antérieures à 2.6
Apple iPadOS iPadOS versions 18.x antérieures à 18.6
Apple macOS macOS Sequoia versions antérieures à 15.6
Apple iPadOS iPadOS versions antérieures à 17.7.9
Apple macOS macOS Ventura versions antérieures à 13.7.7
Apple macOS macOS Sonoma versions antérieures à 14.7.7
Apple N/A watchOS versions antérieures à 11.6
References
Bulletin de sécurité Apple 124150 2025-07-29 vendor-advisory
Bulletin de sécurité Apple 124155 2025-07-29 vendor-advisory
Bulletin de sécurité Apple 124149 2025-07-29 vendor-advisory
Bulletin de sécurité Apple 124151 2025-07-29 vendor-advisory
Bulletin de sécurité Apple 124147 2025-07-29 vendor-advisory
Bulletin de sécurité Apple 124153 2025-07-29 vendor-advisory
Bulletin de sécurité Apple 124154 2025-07-29 vendor-advisory
Bulletin de sécurité Apple 124148 2025-07-29 vendor-advisory

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 18.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 18.6",
      "product": {
        "name": "iOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "visionOS versions ant\u00e9rieures \u00e0 2.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions 18.x ant\u00e9rieures \u00e0 18.6",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sequoia versions ant\u00e9rieures \u00e0 15.6",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iPadOS versions ant\u00e9rieures \u00e0 17.7.9",
      "product": {
        "name": "iPadOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Ventura versions ant\u00e9rieures \u00e0 13.7.7",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sonoma versions ant\u00e9rieures \u00e0 14.7.7",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 11.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-24224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24224"
    },
    {
      "name": "CVE-2025-43241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43241"
    },
    {
      "name": "CVE-2025-31277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31277"
    },
    {
      "name": "CVE-2025-43206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43206"
    },
    {
      "name": "CVE-2025-43222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43222"
    },
    {
      "name": "CVE-2025-43251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43251"
    },
    {
      "name": "CVE-2025-31273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31273"
    },
    {
      "name": "CVE-2025-43191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43191"
    },
    {
      "name": "CVE-2025-43189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43189"
    },
    {
      "name": "CVE-2025-43234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43234"
    },
    {
      "name": "CVE-2025-43254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43254"
    },
    {
      "name": "CVE-2025-43245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43245"
    },
    {
      "name": "CVE-2025-43214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43214"
    },
    {
      "name": "CVE-2025-43212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43212"
    },
    {
      "name": "CVE-2025-43274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43274"
    },
    {
      "name": "CVE-2025-43192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43192"
    },
    {
      "name": "CVE-2025-43266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43266"
    },
    {
      "name": "CVE-2025-43273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43273"
    },
    {
      "name": "CVE-2025-43275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43275"
    },
    {
      "name": "CVE-2025-43224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43224"
    },
    {
      "name": "CVE-2025-43252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43252"
    },
    {
      "name": "CVE-2025-43239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43239"
    },
    {
      "name": "CVE-2025-43197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43197"
    },
    {
      "name": "CVE-2025-43235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43235"
    },
    {
      "name": "CVE-2025-43243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43243"
    },
    {
      "name": "CVE-2025-43240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43240"
    },
    {
      "name": "CVE-2025-43256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43256"
    },
    {
      "name": "CVE-2025-43236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43236"
    },
    {
      "name": "CVE-2025-31279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31279"
    },
    {
      "name": "CVE-2025-43202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43202"
    },
    {
      "name": "CVE-2025-43259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43259"
    },
    {
      "name": "CVE-2025-43270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43270"
    },
    {
      "name": "CVE-2025-43210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43210"
    },
    {
      "name": "CVE-2025-43193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43193"
    },
    {
      "name": "CVE-2025-43227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43227"
    },
    {
      "name": "CVE-2025-31278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31278"
    },
    {
      "name": "CVE-2025-43237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43237"
    },
    {
      "name": "CVE-2025-43225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43225"
    },
    {
      "name": "CVE-2025-31243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31243"
    },
    {
      "name": "CVE-2025-43253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43253"
    },
    {
      "name": "CVE-2025-43217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43217"
    },
    {
      "name": "CVE-2025-43257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43257"
    },
    {
      "name": "CVE-2025-43277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43277"
    },
    {
      "name": "CVE-2025-31281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31281"
    },
    {
      "name": "CVE-2025-43219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43219"
    },
    {
      "name": "CVE-2025-7425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
    },
    {
      "name": "CVE-2025-43233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43233"
    },
    {
      "name": "CVE-2025-24220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24220"
    },
    {
      "name": "CVE-2025-24119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24119"
    },
    {
      "name": "CVE-2025-31275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31275"
    },
    {
      "name": "CVE-2025-31229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31229"
    },
    {
      "name": "CVE-2025-43199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43199"
    },
    {
      "name": "CVE-2025-43220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43220"
    },
    {
      "name": "CVE-2025-31280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31280"
    },
    {
      "name": "CVE-2025-43255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43255"
    },
    {
      "name": "CVE-2025-43229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43229"
    },
    {
      "name": "CVE-2025-43211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43211"
    },
    {
      "name": "CVE-2025-43209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43209"
    },
    {
      "name": "CVE-2025-43186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43186"
    },
    {
      "name": "CVE-2025-6558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
    },
    {
      "name": "CVE-2025-43249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43249"
    },
    {
      "name": "CVE-2025-43228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43228"
    },
    {
      "name": "CVE-2025-43188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43188"
    },
    {
      "name": "CVE-2025-43265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43265"
    },
    {
      "name": "CVE-2025-43264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43264"
    },
    {
      "name": "CVE-2025-43268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43268"
    },
    {
      "name": "CVE-2025-43248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43248"
    },
    {
      "name": "CVE-2025-43247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43247"
    },
    {
      "name": "CVE-2025-43213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43213"
    },
    {
      "name": "CVE-2025-43216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43216"
    },
    {
      "name": "CVE-2025-43232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43232"
    },
    {
      "name": "CVE-2025-31276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31276"
    },
    {
      "name": "CVE-2025-43261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43261"
    },
    {
      "name": "CVE-2025-43276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43276"
    },
    {
      "name": "CVE-2025-43226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43226"
    },
    {
      "name": "CVE-2025-43223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43223"
    },
    {
      "name": "CVE-2025-43246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43246"
    },
    {
      "name": "CVE-2025-43260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43260"
    },
    {
      "name": "CVE-2025-43215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43215"
    },
    {
      "name": "CVE-2025-43238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43238"
    },
    {
      "name": "CVE-2025-43198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43198"
    },
    {
      "name": "CVE-2025-43230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43230"
    },
    {
      "name": "CVE-2025-43250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43250"
    },
    {
      "name": "CVE-2025-43196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43196"
    },
    {
      "name": "CVE-2025-43218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43218"
    },
    {
      "name": "CVE-2025-24188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24188"
    },
    {
      "name": "CVE-2025-7424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
    },
    {
      "name": "CVE-2025-43194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43194"
    },
    {
      "name": "CVE-2025-43267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43267"
    },
    {
      "name": "CVE-2025-43195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43195"
    },
    {
      "name": "CVE-2025-43185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43185"
    },
    {
      "name": "CVE-2025-43184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43184"
    },
    {
      "name": "CVE-2025-43244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43244"
    },
    {
      "name": "CVE-2025-43187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43187"
    },
    {
      "name": "CVE-2025-43221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43221"
    }
  ],
  "initial_release_date": "2025-07-30T00:00:00",
  "last_revision_date": "2025-07-31T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0640",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-07-30T00:00:00.000000"
    },
    {
      "description": "Google indique que la vuln\u00e9rabilit\u00e9 CVE-2025-6558 est activement exploit\u00e9e.",
      "revision_date": "2025-07-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.\n\nGoogle indique que la vuln\u00e9rabilit\u00e9 CVE-2025-6558 est activement exploit\u00e9e.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": "2025-07-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124150",
      "url": "https://support.apple.com/en-us/124150"
    },
    {
      "published_at": "2025-07-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124155",
      "url": "https://support.apple.com/en-us/124155"
    },
    {
      "published_at": "2025-07-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124149",
      "url": "https://support.apple.com/en-us/124149"
    },
    {
      "published_at": "2025-07-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124151",
      "url": "https://support.apple.com/en-us/124151"
    },
    {
      "published_at": "2025-07-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124147",
      "url": "https://support.apple.com/en-us/124147"
    },
    {
      "published_at": "2025-07-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124153",
      "url": "https://support.apple.com/en-us/124153"
    },
    {
      "published_at": "2025-07-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124154",
      "url": "https://support.apple.com/en-us/124154"
    },
    {
      "published_at": "2025-07-29",
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 124148",
      "url": "https://support.apple.com/en-us/124148"
    }
  ]
}