VYPR

Vendor CVEs

Apple Inc.

All CVEs

8,445 total · sorted by risk
  • CVE-2024-44242CriDec 12, 2024
    risk 0.64cvss 9.8epss 0.01

    The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware.

  • CVE-2024-44241CriDec 12, 2024
    risk 0.64cvss 9.8epss 0.01

    The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware.

  • CVE-2024-6387HigJul 1, 2024
    risk 0.64cvss 8.1epss 1.00

    A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time…

  • CVE-2018-4164CriApr 3, 2018
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in certain Apple products. Xcode before 9.3 is affected. The issue, which is unspecified, involves the "LLVM" component.

  • CVE-2018-4148CriApr 3, 2018
    risk 0.64cvss 9.8epss 0.05

    An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Telephony" component. A buffer overflow allows remote attackers to execute arbitrary code.

  • CVE-2018-4124CriApr 3, 2018
    risk 0.64cvss 9.8epss 0.07

    An issue was discovered in certain Apple products. iOS before 11.2.6 is affected. macOS before 10.13.3 Supplemental Update is affected. tvOS before 11.2.6 is affected. watchOS before 4.2.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to…

  • CVE-2018-4115CriApr 3, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the "System Preferences" component. It allows attackers to bypass…

  • CVE-2018-4110CriApr 3, 2018
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Web App" component. It allows remote attackers to bypass intended restrictions on cookie persistence.

  • CVE-2018-4108CriApr 3, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Disk Management" component. It allows attackers to trigger truncation of an APFS volume password via an unspecified injection.

  • CVE-2018-4105CriApr 3, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "APFS" component. It allows attackers to trigger truncation of an APFS volume password via an unspecified injection.

  • CVE-2017-17821CriDec 21, 2017
    risk 0.64cvss 9.8epss 0.01

    WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in…

  • CVE-2017-13846CriNov 13, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2017-13832CriNov 13, 2017
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to have an unspecified impact by leveraging TLS 1.0 support.

  • CVE-2017-13815CriNov 13, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions before 5.31 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2017-7130CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a…

  • CVE-2017-7129CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a…

  • CVE-2017-7128CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a…

  • CVE-2017-7126CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2017-7125CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2017-7124CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2017-7123CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2017-7122CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2017-7121CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2017-7112CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial…

  • CVE-2017-7110CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial…

  • CVE-2017-7108CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial…

  • CVE-2017-7105CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial…

  • CVE-2017-7103CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial…

  • CVE-2017-11121CriSep 28, 2017
    risk 0.64cvss 9.8epss 0.03

    On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205.

  • CVE-2017-13688CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().

  • CVE-2017-13053CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().

  • CVE-2017-13050CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.05

    The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().

  • CVE-2017-13044CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().

  • CVE-2017-13036CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().

  • CVE-2017-13023CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

  • CVE-2017-13020CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().

  • CVE-2017-13017CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.02

    The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().

  • CVE-2017-13016CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().

  • CVE-2017-13015CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.02

    The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().

  • CVE-2017-13010CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().

  • CVE-2017-13001CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.02

    The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().

  • CVE-2017-12999CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().

  • CVE-2017-12996CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.02

    The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().

  • CVE-2017-12995CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.02

    The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().

  • CVE-2017-12994CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().

  • CVE-2017-12990CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.

  • CVE-2017-12898CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().

  • CVE-2017-12896CriSep 14, 2017
    risk 0.64cvss 9.8epss 0.03

    The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().

  • CVE-2017-8248CriAug 16, 2017
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation.

  • CVE-2017-11542CriJul 23, 2017
    risk 0.64cvss 9.8epss 0.04

    tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.

Page 3 of 169