July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple IBM Db2 Vulnerabilities
June 3, 2025Multiple WordPress Plugins Vulnerabilities
June 3, 2025Multiple IBM Db2 Vulnerabilities
June 3, 2025Multiple WordPress Plugins Vulnerabilities
June 3, 2025
Severity
Medium
Analysis Summary
CVE-2025-31205 CVSS:6.5
Apple Safari could allow a remote attacker to exfiltrate data cross-origin, caused by an issue in the WebKit component when visiting a specially crafted Web site.
CVE-2025-30448 CVSS:5.5
Apple visionOS could allow a local attacker to bypass security restrictions, caused by an error in the iCloud Document Sharing component. By using a specially crafted application, an attacker could turn on sharing of an iCloud folder without authentication
CVE-2025-31218 CVSS:5.5
Apple macOS Sequoia could allow a local attacker to observe the hostnames of new network connections, caused by an issue in the NetworkExtension component when using a specially crafted application.
Impact
- Information Disclosure
- Security Bypass
Indicators of Compromise
CVE
CVE-2025-31205
CVE-2025-30448
CVE-2025-31218
Affected Vendors
- Apple
Affected Products
- Apple macOS - unspecified
- Apple iOS and iPadOS - unspecified
- Apple iPadOS - unspecified
- Apple visionOS - 2.4.0
- Apple Safari - 18.4
- Apple macOS Sequoia - 15.4
Remediation
Refer to the Apple security document for patch, upgrade, or suggested workaround information.