Apple Macos Ventura vulnerabilities

CVE-2025-43300 [CRITICAL] CVE-2025-43300: macOS Ventura 13.7.8 Apple Security Update: About the security content of macOS Ventura 13.7.8 Product: macOS Ventura Version: 13.7.8 CVE: CVE-2025-43300 Component: ImageIO Impact: Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals. Description: An out-of-bounds write issue was addressed with improv

CVE-2025-43261 [CRITICAL] CVE-2025-43261: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43261 Component: File Bookmark Impact: An app may be able to break out of its sandbox Description: A logic issue was addressed with improved checks.

CVE-2025-43275 [CRITICAL] CVE-2025-43275: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43275 Component: NetAuth Impact: An app may be able to break out of its sandbox Description: A race condition was addressed with additional validation.

CVE-2025-31279 [CRITICAL] CVE-2025-31279: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-31279 Component: Find My Impact: An app may be able to fingerprint the user Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43220 [CRITICAL] CVE-2025-43220: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43220 Component: CFNetwork Impact: A non-privileged user may be able to modify restricted network settings Description: A denial-of-service issue was addressed with improved input validation.

CVE-2025-43232 [CRITICAL] CVE-2025-43232: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43232 Component: PackageKit Impact: An app may be able to bypass certain Privacy preferences Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43184 [CRITICAL] CVE-2025-43184: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43184 Component: Shortcuts Impact: A shortcut may be able to bypass sensitive Shortcuts app settings Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2025-43222 [CRITICAL] CVE-2025-43222: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43222 Component: CFNetwork Impact: An attacker may be able to cause unexpected app termination Description: A use-after-free issue was addressed by removing the vulnerable code.

CVE-2025-43244 [CRITICAL] CVE-2025-43244: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43244 Component: AMD Impact: An app may be able to cause unexpected system termination Description: A race condition was addressed with improved state handling.

CVE-2025-43243 [CRITICAL] CVE-2025-43243: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43243 Component: Software Update Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43193 [CRITICAL] CVE-2025-43193: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43193 Component: SecurityAgent Impact: An app may be able to cause a denial-of-service Description: The issue was addressed with improved memory handling.

CVE-2025-43199 [CRITICAL] CVE-2025-43199: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43199 Component: Core Services Impact: A malicious app may be able to gain root privileges Description: A permissions issue was addressed by removing the vulnerable code.

CVE-2025-43194 [CRITICAL] CVE-2025-43194: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43194 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2025-43186 [CRITICAL] CVE-2025-43186: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43186 Component: Admin Framework Impact: An app may be able to cause a denial-of-service Description: A path handling issue was addressed with improved validation.

CVE-2025-43233 [CRITICAL] CVE-2025-43233: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43233 Component: Security Impact: A malicious app acting as a HTTPS proxy could get access to sensitive user data Description: This issue was addressed with improved access restrictions.

CVE-2025-43245 [CRITICAL] CVE-2025-43245: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43245 Component: AppleMobileFileIntegrity Impact: An app may be able to access protected user data Description: A downgrade issue was addressed with additional code-signing restrictions.

CVE-2025-43209 [CRITICAL] CVE-2025-43209: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43209 Component: ICU Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2025-43254 [HIGH] CVE-2025-43254: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43254 Component: Disk Images Impact: Running an hdiutil command may unexpectedly execute arbitrary code Description: This issue was addressed by removing the vulnerable code.

CVE-2025-24119 [HIGH] CVE-2025-24119: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-24119 Component: Finder Impact: An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges Description: This issue was addressed through improved state management.

CVE-2025-43196 [HIGH] CVE-2025-43196: macOS Ventura 13.7.7 Apple Security Update: About the security content of macOS Ventura 13.7.7 Product: macOS Ventura Version: 13.7.7 CVE: CVE-2025-43196 Component: LaunchServices Impact: An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges Description: This issue was addressed through improved state management.