CVE-2025-30425

MEDIUM Year: 2025
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-284
View all →

Vulnerability Description

This issue was addressed through improved state management. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A malicious website may be able to track users in Safari private browsing mode.

Related Vulnerabilities

CVE-2011-4181

MEDIUM
CVSS:4.3(Medium)

A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including ve...

CWE-2842011

CVE-2014-125054

MEDIUM
CVSS:4.3(Medium)

A vulnerability classified as critical was found in koroket RedditOnRails. This vulnerability affects unknown code of the component Vote Handler. The manipulation leads to improper access controls. Th...

CWE-2842014

CVE-2015-3163

MEDIUM
CVSS:4.3(Medium)

The admin pages for power types and key types in Beaker before 20.1 do not have any access controls, which allows remote authenticated users to modify power types and key types via navigating to $BEAK...

CWE-2842015

CVE-2015-8021

MEDIUM
CVSS:4.3(Medium)

Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 befo...

CWE-2842015

CVE-2016-0222

MEDIUM
CVSS:4.3(Medium)

IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote authenticated users to bypass intended access restrictions and read arbitrary purchase-order work logs via unspecified vectors.

CWE-2842016

CVE-2016-0289

MEDIUM
CVSS:4.3(Medium)

shiprec.xml in the SHIPREC application in IBM Maximo Asset Management 7.1 and 7.5 before 7.5.0.10 and 7.6 before 7.6.0.4 allows remote authenticated users to bypass intended item-selection restriction...

CWE-2842016