CVE-2025-24196

CRITICAL Year: 2025
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-125
View all →

Vulnerability Description

A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with user privileges may be able to read kernel memory.

Related Vulnerabilities

CVE-1999-0006

CRITICAL
CVSS:9.8(Critical)

Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.

CWE-1251999

CVE-2014-2896

CRITICAL
CVSS:9.8(Critical)

The DoAlert function in the (1) TLS and (2) DTLS implementations in wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact and vectors, which trigger memory corruption or an ou...

CWE-1252014

CVE-2014-2897

CRITICAL
CVSS:9.8(Critical)

The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC...

CWE-1252014

CVE-2014-2898

CRITICAL
CVSS:9.8(Critical)

wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact via multiple calls to the CyaSSL_read function which triggers an out-of-bounds read when an error occurs, related to not ...

CWE-1252014

CVE-2015-8608

CRITICAL
CVSS:9.8(Critical)

The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter...

CWE-1252015

CVE-2015-9050

CRITICAL
CVSS:9.8(Critical)

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists where an array out of bounds access can occur during a CA call.

CWE-1252015