CVE-2025-24097

MEDIUM Year: 2025
CVSS v3 Score
5.0
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. An app may be able to read arbitrary file metadata.

Related Vulnerabilities

CVE-2016-7917

MEDIUM
CVSS:5.0(Medium)

The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain s...

CWE-1252016

CVE-2017-6437

MEDIUM
CVSS:5.0(Medium)

The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.

CWE-1252017

CVE-2018-19020

MEDIUM
CVSS:5.0(Medium)

When CX-Supervisor (Versions 3.42 and prior) processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array.

CWE-1252018

CVE-2019-2039

MEDIUM
CVSS:5.0(Medium)

In rw_i93_sm_detect_ndef of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges need...

CWE-1252019

CVE-2019-2040

MEDIUM
CVSS:5.0(Medium)

In rw_i93_process_ext_sys_info of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privilege...

CWE-1252019

CVE-2019-9235

MEDIUM
CVSS:5.0(Medium)

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed...

CWE-1252019