CVE-2025-30460

HIGH Year: 2025
CVSS v3 Score
7.4
High
Weakness Type
CWE-284
View all →

Vulnerability Description

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access protected user data.

Related Vulnerabilities

CVE-2014-0881

HIGH
CVSS:7.4(High)

The TPM on Integrated Management Module II (IMM2) on IBM Flex System x222 servers with firmware 1.00 through 3.56 allows remote attackers to obtain sensitive key information or cause a denial of servi...

CWE-2842014

CVE-2014-8183

HIGH
CVSS:7.4(High)

It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. An attacker with access to the API and knowledge of the resource ...

CWE-2842014

CVE-2016-0340

HIGH
CVSS:7.4(High)

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session expiration, which allows remote attackers to hijack sessions by leveraging...

CWE-2842016

CVE-2017-12191

HIGH
CVSS:7.4(High)

A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC (VMWare Remote Console) functions that may not be ap...

CWE-2842017

CVE-2019-1890

HIGH
CVSS:7.4(High)

A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, ...

CWE-2842019

CVE-2020-36838

HIGH
CVSS:7.4(High)

The Facebook Chat Plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wp_ajax_update_options function in versions up to, and including, 1.5. This flaw m...

CWE-2842020