Apple Macos Ventura vulnerabilities

CVE-2025-24243 [HIGH] CVE-2025-24243: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24243 Component: Audio Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2025-24126 [HIGH] CVE-2025-24126: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24126 Component: AirPlay Impact: An attacker on the local network may be able to corrupt process memory Description: An input validation issue was addressed.

CVE-2025-31189 [HIGH] CVE-2025-31189: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-31189 Component: Disk Images Impact: An app may be able to break out of its sandbox Description: A file quarantine bypass was addressed with additional checks.

CVE-2025-30456 [HIGH] CVE-2025-30456: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-30456 Component: DiskArbitration Impact: An app may be able to gain root privileges Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2025-24234 [HIGH] CVE-2025-24234: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24234 Component: AccountPolicy Impact: A malicious app may be able to gain root privileges Description: This issue was addressed by removing the vulnerable code.

CVE-2025-30464 [HIGH] CVE-2025-30464: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-30464 Component: GPU Drivers Impact: An app may be able to cause unexpected system termination or corrupt kernel memory Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2025-24177 [HIGH] CVE-2025-24177: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24177 Component: AirPlay Impact: An attacker on the local network may be able to cause a denial-of-service Description: A null pointer dereference was addressed with improved input validation.

CVE-2025-24255 [HIGH] CVE-2025-24255: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24255 Component: Disk Images Impact: An app may be able to break out of its sandbox Description: A file access issue was addressed with improved input validation.

CVE-2025-24277 [HIGH] CVE-2025-24277: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24277 Component: Crash Reporter Impact: An app may be able to gain root privileges Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2025-24254 [HIGH] CVE-2025-24254: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24254 Component: Software Update Impact: A user may be able to elevate privileges Description: This issue was addressed with improved validation of symlinks.

CVE-2025-30471 [HIGH] CVE-2025-30471: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-30471 Component: Security Impact: A remote user may be able to cause a denial-of-service Description: A validation issue was addressed with improved logic.

CVE-2025-24229 [HIGH] CVE-2025-24229: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24229 Component: Installer Impact: A sandboxed app may be able to access sensitive user data Description: A logic issue was addressed with improved checks.

CVE-2024-54533 [HIGH] CVE-2024-54533: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2024-54533 Component: Spotlight Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with additional sandbox restrictions.

CVE-2025-24212 [MEDIUM] CVE-2025-24212: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24212 Component: Calendar Impact: An app may be able to break out of its sandbox Description: This issue was addressed with improved checks.

CVE-2025-24270 [MEDIUM] CVE-2025-24270: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24270 Component: AirPlay Impact: An attacker on the local network may be able to leak sensitive user information Description: This issue was addressed by removing the vulnerable code.

CVE-2025-24235 [MEDIUM] CVE-2025-24235: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24235 Component: Kerberos Helper Impact: A remote attacker may be able to cause unexpected app termination or heap corruption Description: A memory initialization issue was addressed with improved memory handling.

CVE-2025-30443 [MEDIUM] CVE-2025-30443: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-30443 Component: AppleMobileFileIntegrity Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed by removing the vulnerable code.

CVE-2025-30470 [MEDIUM] CVE-2025-30470: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-30470 Component: Maps Impact: An app may be able to read sensitive location information Description: A path handling issue was addressed with improved logic.

CVE-2025-24271 [MEDIUM] CVE-2025-24271: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-24271 Component: AirPlay Impact: An unauthenticated user on the same network as a signed-in Mac could send it AirPlay commands without pairing Description: An access issue was addressed with improved access restrictions.

CVE-2025-31197 [MEDIUM] CVE-2025-31197: macOS Ventura 13.7.5 Apple Security Update: About the security content of macOS Ventura 13.7.5 Product: macOS Ventura Version: 13.7.5 CVE: CVE-2025-31197 Component: AirPlay Impact: An attacker on the local network may cause an unexpected app termination Description: The issue was addressed with improved checks.