VYPR

Vendor CVEs

Apple Inc.

All CVEs

8,439 total · sorted by risk
  • CVE-2023-27963HigMay 8, 2023
    risk 0.49cvss 7.5epss 0.01

    The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A shortcut may be able to use sensitive data with certain actions without…

  • CVE-2022-46716HigApr 10, 2023
    risk 0.49cvss 7.5epss 0.00

    A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. Private Relay functionality did not match system settings

  • CVE-2023-23524HigFeb 27, 2023
    risk 0.49cvss 7.5epss 0.01

    A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service.

  • CVE-2023-23519HigFeb 27, 2023
    risk 0.49cvss 7.5epss 0.01

    A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing an image may lead to a denial-of-service.

  • CVE-2022-32846HigFeb 27, 2023
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.

  • CVE-2022-32836HigFeb 27, 2023
    risk 0.49cvss 7.5epss 0.01

    This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.

  • CVE-2022-32830HigFeb 27, 2023
    risk 0.49cvss 7.5epss 0.01

    An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information.

  • CVE-2022-32927HigNov 1, 2022
    risk 0.49cvss 7.5epss 0.01

    The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. Joining a malicious Wi-Fi network may result in a denial-of-service of the Settings app.

  • CVE-2022-32910HigNov 1, 2022
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.

  • CVE-2022-32790HigSep 23, 2022
    risk 0.49cvss 7.5epss 0.02

    This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.6, Security Update 2022-004 Catalina. A remote user may be able to cause a denial-of-service.

  • CVE-2022-32793HigAug 24, 2022
    risk 0.49cvss 7.5epss 0.01

    Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.

  • CVE-2022-26701HigMay 26, 2022
    risk 0.49cvss 7.5epss 0.01

    A race condition was addressed with improved locking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges.

  • CVE-2022-22673HigMay 26, 2022
    risk 0.49cvss 7.5epss 0.01

    This issue was addressed with improved checks. This issue is fixed in iOS 15.5 and iPadOS 15.5. Processing a large input may lead to a denial of service.

  • CVE-2022-22653HigMar 18, 2022
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4. A malicious website may be able to access information about the user and their devices.

  • CVE-2022-22651HigMar 18, 2022
    risk 0.49cvss 7.5epss 0.02

    An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.3. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

  • CVE-2022-22643HigMar 18, 2022
    risk 0.49cvss 7.5epss 0.01

    This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A user may send audio and video in a FaceTime call without knowing that they have done so.

  • CVE-2022-22609HigMar 18, 2022
    risk 0.49cvss 7.5epss 0.01

    The issue was addressed with additional permissions checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to read other applications' settings.

  • CVE-2022-22585HigMar 18, 2022
    risk 0.49cvss 7.5epss 0.02

    An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access a…

  • CVE-2017-2488HigDec 23, 2021
    risk 0.49cvss 7.5epss 0.01

    A cryptographic weakness existed in the authentication protocol of Remote Desktop. This issue was addressed by implementing the Secure Remote Password authentication protocol. This issue is fixed in Apple Remote Desktop 3.9. An attacker may be able to capture cleartext passwords.

  • CVE-2017-13892HigDec 23, 2021
    risk 0.49cvss 7.5epss 0.01

    An issue existed in the handling of Contact sharing. This issue was addressed with improved handling of user information. This issue is fixed in macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan. Sharing contact information may…

  • CVE-2021-30844HigOct 19, 2021
    risk 0.49cvss 7.5epss 0.02

    A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A remote attacker may be able to leak memory.

  • CVE-2021-30826HigOct 19, 2021
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. In certain situations, the baseband would fail to enable integrity and ciphering protection.

  • CVE-2020-29622HigOct 19, 2021
    risk 0.49cvss 7.5epss 0.01

    A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-005 Catalina. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges.

  • CVE-2021-30715HigSep 8, 2021
    risk 0.49cvss 7.5epss 0.02

    A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted message may lead to a denial of service.

  • CVE-2021-30698HigSep 8, 2021
    risk 0.49cvss 7.5epss 0.02

    A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Safari 14.1.1, iOS 14.6 and iPadOS 14.6. A remote attacker may be able to cause a denial of service.

  • CVE-2021-30660HigSep 8, 2021
    risk 0.49cvss 7.5epss 0.02

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A malicious application may be able to disclose kernel memory.

  • CVE-2021-1859HigSep 8, 2021
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3. Locked Notes content may have been unexpectedly unlocked.

  • CVE-2021-1849HigSep 8, 2021
    risk 0.49cvss 7.5epss 0.01

    An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A malicious application may be able to bypass Privacy preferences.

  • CVE-2021-1809HigSep 8, 2021
    risk 0.49cvss 7.5epss 0.02

    A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to read…

  • CVE-2021-1808HigSep 8, 2021
    risk 0.49cvss 7.5epss 0.02

    A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to read restricted memory.

  • CVE-2021-1784HigSep 8, 2021
    risk 0.49cvss 7.5epss 0.02

    A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to modify protected parts of…

  • CVE-2021-30798HigSep 8, 2021
    risk 0.49cvss 7.5epss 0.02

    A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences.

  • CVE-2021-30729HigSep 8, 2021
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.6 and iPadOS 14.6. A device may accept invalid activation results.

  • CVE-2021-31005HigAug 24, 2021
    risk 0.49cvss 7.5epss 0.01

    Description: A logic issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, macOS Monterey 12.0.1. Turning off "Block all remote content" may not apply to all remote content types.

  • CVE-2021-30997HigAug 24, 2021
    risk 0.49cvss 7.5epss 0.01

    A S/MIME issue existed in the handling of encrypted email. This issue was addressed by not automatically loading some MIME parts. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker may be able to recover plaintext contents of an S/MIME-encrypted e-mail.

  • CVE-2021-30984HigAug 24, 2021
    risk 0.49cvss 7.5epss 0.02

    A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

  • CVE-2021-30966HigAug 24, 2021
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations.

  • CVE-2021-30924HigAug 24, 2021
    risk 0.49cvss 7.5epss 0.02

    A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1. A remote attacker can cause a device to unexpectedly restart.

  • CVE-2021-30882HigAug 24, 2021
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved validation. This issue is fixed in watchOS 8, iOS 15 and iPadOS 15. An application with microphone permission may unexpectedly access microphone input during a FaceTime call.

  • CVE-2021-30874HigAug 24, 2021
    risk 0.49cvss 7.5epss 0.01

    An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. A VPN configuration may be installed by an app without user permission.

  • CVE-2021-1761HigApr 2, 2021
    risk 0.49cvss 7.5epss 0.02

    This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause a denial of service.

  • CVE-2021-1764HigApr 2, 2021
    risk 0.49cvss 7.5epss 0.02

    A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause a denial…

  • CVE-2020-9991HigDec 8, 2020
    risk 0.49cvss 7.5epss 0.03

    This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iCloud for Windows 7.21, tvOS 14.0. A remote attacker may be able to cause a denial of service.

  • CVE-2020-27950MedKEVDec 8, 2020
    risk 0.49cvss 5.5epss 0.17

    A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental…

  • CVE-2020-9941HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.03

    This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state.

  • CVE-2020-9782HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.01

    A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files.

  • CVE-2020-9774HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting access to encrypted data. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Encrypted data may be inappropriately…

  • CVE-2019-8854HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.01

    A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. A device may be passively tracked by its Wi-Fi MAC address.

  • CVE-2019-8851HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A Mac may not lock immediately upon wake.

  • CVE-2019-8640HigOct 27, 2020
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra. A sandboxed process may be able to circumvent sandbox restrictions.

Page 47 of 169