CVE-2025-24272

MEDIUM Year: 2025
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-284
View all →

Vulnerability Description

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to modify protected parts of the file system.

Related Vulnerabilities

CVE-2016-2167

MEDIUM
CVSS:6.8(Medium)

The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate a...

CWE-2842016

CVE-2016-4030

MEDIUM
CVSS:6.8(Medium)

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I...

CWE-2842016

CVE-2016-4031

MEDIUM
CVSS:6.8(Medium)

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I...

CWE-2842016

CVE-2016-5610

MEDIUM
CVSS:6.8(Medium)

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability ...

CWE-2842016

CVE-2016-6338

MEDIUM
CVSS:6.8(Medium)

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restrict...

CWE-2842016

CVE-2017-7918

MEDIUM
CVSS:6.8(Medium)

An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups us...

CWE-2842017