CVE-2025-24162

MEDIUM Year: 2025
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash.

Related Vulnerabilities

CVE-2006-6016

MEDIUM
CVSS:6.5(Medium)

wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified user_id parameter.

CWE-1252006

CVE-2011-2501

MEDIUM
CVSS:6.5(Medium)

The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (applic...

CWE-1252011

CVE-2012-0259

MEDIUM
CVSS:6.5(Medium)

The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolut...

CWE-1252012

CVE-2012-1798

MEDIUM
CVSS:6.5(Medium)

The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF i...

CWE-1252012

CVE-2014-8127

MEDIUM
CVSS:6.5(Medium)

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (...

CWE-1252014

CVE-2014-8354

MEDIUM
CVSS:6.5(Medium)

The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

CWE-1252014