CVE-2025-24264

CRITICAL Year: 2025
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-400
View all →

Vulnerability Description

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Related Vulnerabilities

CVE-2013-20004

CRITICAL
CVSS:9.8(Critical)

A flaw was found in StarWind iSCSI target. StarWind service does not limit client connections and allocates memory on each connection attempt. An attacker could create a denial of service state by try...

CWE-4002013

CVE-2015-4412

CRITICAL
CVSS:9.8(Critical)

BSON injection vulnerability in the legal? function in BSON (bson-ruby) gem before 3.0.4 for Ruby allows remote attackers to cause a denial of service (resource consumption) or inject arbitrary data v...

CWE-4002015

CVE-2017-1000378

CRITICAL
CVSS:9.8(Critical)

The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows...

CWE-4002017

CVE-2017-9104

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered.

CWE-4002017

CVE-2017-9119

CRITICAL
CVSS:9.8(Critical)

The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact by...

CWE-4002017

CVE-2018-11936

CRITICAL
CVSS:9.8(Critical)

Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or something else) leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snap...

CWE-4002018