CVE-2025-24223

HIGH Year: 2025
CVSS v3 Score
8.0
High
Weakness Type
CWE-352
View all →

Vulnerability Description

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.

Related Vulnerabilities

CVE-2014-100005

HIGH
CVSS:8.0(High)

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for req...

CWE-3522014

CVE-2015-2142

HIGH
CVSS:8.0(High)

Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to (1) hijack the authentication of users for requests that cause...

CWE-3522015

CVE-2015-4630

HIGH
CVSS:8.0(High)

Multiple cross-site request forgery (CSRF) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to (1) hijack th...

CWE-3522015

CVE-2015-7284

HIGH
CVSS:8.0(High)

Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 allows remote attackers to hijack the authentication of arbitrary users.

CWE-3522015

CVE-2015-7925

HIGH
CVSS:8.0(High)

Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware u...

CWE-3522015

CVE-2015-8152

HIGH
CVSS:8.0(High)

Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for ...

CWE-3522015