VYPR

macOS

by Apple Inc.

CVEs (3,325)

  • CVE-2021-1826MedSep 8, 2021
    risk 0.40cvss 6.1epss 0.01

    A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting.

  • CVE-2021-1825MedSep 8, 2021
    risk 0.40cvss 6.1epss 0.01

    An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may…

  • CVE-2021-30744MedSep 8, 2021
    risk 0.40cvss 6.1epss 0.01

    Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to…

  • CVE-2021-30890MedAug 24, 2021
    risk 0.40cvss 6.1epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting.

  • CVE-2020-9995MedApr 2, 2021
    risk 0.40cvss 6.1epss 0.01

    An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Server 5.11. Processing a maliciously crafted URL may lead to an open redirect or cross site scripting.

  • CVE-2020-10012MedDec 8, 2020
    risk 0.40cvss 6.1epss 0.01

    An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted document may lead to a cross site scripting attack.

  • CVE-2019-8753MedOct 27, 2020
    risk 0.40cvss 6.1epss 0.01

    This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. Processing maliciously crafted web content may lead to a cross site scripting attack.

  • CVE-2020-3884MedApr 1, 2020
    risk 0.40cvss 6.1epss 0.01

    An injection issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to cause arbitrary javascript code execution.

  • CVE-2019-8658MedDec 18, 2019
    risk 0.40cvss 6.1epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may…

  • CVE-2017-13819MedNov 13, 2017
    risk 0.40cvss 6.1epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing the Same Origin Policy for…

  • CVE-2016-7609MedFeb 20, 2017
    risk 0.40cvss 6.2epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "AppleGraphicsPowerManagement" component. It allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.

  • CVE-2016-7600MedFeb 20, 2017
    risk 0.40cvss 6.2epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "OpenPAM" component, which allows local users to obtain sensitive information by leveraging mishandling of failed PAM authentication by a sandboxed app.

  • CVE-2025-46310MedFeb 11, 2026
    risk 0.39cvss 6.0epss 0.00

    This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26. An attacker with root privileges may be able to delete protected system files.

  • CVE-2025-43200MedKEVJun 16, 2025
    risk 0.39cvss 4.2epss 0.01

    This issue was addressed with improved checks. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, visionOS 2.3.1, watchOS 11.3.1. A…

  • CVE-2023-48795MedDec 18, 2023
    risk 0.39cvss 5.9epss 0.94

    The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently…

  • CVE-2023-32369MedJun 23, 2023
    risk 0.39cvss 6.0epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system.

  • CVE-2022-22616MedMay 26, 2022
    risk 0.39cvss 5.5epss 0.08

    This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks.

  • CVE-2021-30833MedOct 28, 2021
    risk 0.39cvss 5.5epss 0.43

    This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.0.1. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.

  • CVE-2019-6209MedMar 5, 2019
    risk 0.39cvss 5.5epss 0.04

    An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory…

  • CVE-2019-6208MedMar 5, 2019
    risk 0.39cvss 5.5epss 0.03

    A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes.

Page 95 of 167