CVE-2025-30433

CRITICAL Year: 2025
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-284
View all →

Vulnerability Description

This issue was addressed with improved access restrictions. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app.

Related Vulnerabilities

CVE-2011-3544

CRITICAL
CVSS:9.8(Critical)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java a...

CWE-2842011

CVE-2012-1723

CRITICAL
CVSS:9.8(Critical)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows re...

CWE-2842012

CVE-2012-4681

CRITICAL
CVSS:9.8(Critical)

Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses Se...

CWE-2842012

CVE-2012-5076

CRITICAL
CVSS:9.8(Critical)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, relat...

CWE-2842012

CVE-2014-10050

CRITICAL
CVSS:9.8(Critical)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8996, MSM8939, MSM8976, MSM8917, SDM845, and SDM660, access control collision vulnerability when accessing...

CWE-2842014

CVE-2014-10053

CRITICAL
CVSS:9.8(Critical)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/...

CWE-2842014