VDB

GCVE-110-NCSC-2025-140

GCVE-110-NCSC-2025-140
Advisory PublishedCVSS 9.8/10
Vulnetix · Advisory published April 30, 2025
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Weaknesses (CWE)

CWE-400Uncontrolled Resource ConsumptionCWE-843Access of Resource Using Incompatible Type ('Type Confusion')CWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')CWE-476NULL Pointer DereferenceCWE-416Use After FreeCWE-863Incorrect AuthorizationCWE-404Improper Resource Shutdown or ReleaseCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-862Missing Authorization

Risk Scores

CVSS 3.1
9.8/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
Applevers:unknown/<17.7.6
Applevers:unknown/<18.3
Applevers:unknown/>=14.0|<14.7.5
Applevers:apple/2.7.1
Applevers:unknown/>=13.0|<13.7.5
Applevers:unknown/<13.7.5
Applevers:unknown/>=18.0|<18.3
Applevers:apple/13.7.5
Applevers:unknown/unspecified|<18.3
Applevers:unknown/>=18.0|<18.4
Applevers:unknown/<18.4
Applevers:unknown/unspecified|<17.7
Applevers:unknown/unspecified|<18.4
Applevers:apple/17.7.6
Applevers:apple/18.4
Applevers:apple/r18.1
Applevers:unknown/unknown
Applevers:apple/17.7
Applevers:apple/15.4
Applevers:apple/3.6.0.126
Applevers:apple/14.7
Applevers:apple/13.7

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,738 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›