Vendor CVEs
Apple Inc.
All CVEs
8,440 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-4754 | Hig | 0.49 | 7.5 | 0.02 | Sep 25, 2016 | ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 cipher, which might allow remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. | ||
| CVE-2016-4711 | Hig | 0.49 | 7.5 | 0.02 | Sep 25, 2016 | CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output. | ||
| CVE-2016-4632 | Hig | 0.49 | 7.5 | 0.03 | Jul 22, 2016 | ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | ||
| CVE-2016-4591 | Hig | 0.49 | 7.5 | 0.04 | Jul 22, 2016 | WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors. | ||
| CVE-2016-1853 | Hig | 0.49 | 7.5 | 0.03 | May 20, 2016 | Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support. | ||
| CVE-2016-1843 | Hig | 0.49 | 7.5 | 0.03 | May 20, 2016 | The Messages component in Apple OS X before 10.11.5 mishandles filename encoding, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||
| CVE-2016-1842 | Hig | 0.49 | 7.5 | 0.02 | May 20, 2016 | MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic. | ||
| CVE-2016-1809 | Hig | 0.49 | 7.5 | 0.01 | May 20, 2016 | Disk Utility in Apple OS X before 10.11.5 uses incorrect encryption keys for disk images, which has unspecified impact and attack vectors. | ||
| CVE-2016-1801 | Hig | 0.49 | 7.5 | 0.04 | May 20, 2016 | The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||
| CVE-2016-1208 | Hig | 0.49 | 7.5 | 0.01 | May 14, 2016 | The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors. | ||
| CVE-2016-1777 | Hig | 0.49 | 7.5 | 0.02 | Mar 24, 2016 | Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. | ||
| CVE-2016-1766 | Hig | 0.49 | 7.5 | 0.01 | Mar 24, 2016 | The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors. | ||
| CVE-2014-1266 | Hig | 0.49 | 7.4 | 0.06 | Feb 22, 2014 | The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check… | ||
| CVE-2011-1755 | Hig | 0.49 | 7.5 | 0.04 | Jun 21, 2011 | jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to… | ||
| CVE-2010-0302 | Hig | 0.49 | 7.5 | 0.03 | Mar 5, 2010 | Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or… | ||
| CVE-2009-3553 | Hig | 0.49 | 7.5 | 0.04 | Nov 20, 2009 | Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client… | ||
| CVE-2009-1955 | Hig | 0.49 | 7.5 | 0.53 | Jun 8, 2009 | The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document… | ||
| CVE-2009-0152 | Hig | 0.49 | 7.5 | 0.02 | May 13, 2009 | iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instant Messenger (AIM) communication in certain circumstances that are inconsistent with the Require SSL setting, which allows remote attackers to obtain sensitive information by sniffing the network. | ||
| CVE-2008-0063 | Hig | 0.49 | 7.5 | 0.03 | Mar 19, 2008 | The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." | ||
| CVE-2007-0897 | Hig | 0.49 | 7.5 | 0.03 | Feb 16, 2007 | Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a… | ||
| CVE-2006-5051 | Hig | 0.49 | 8.1 | 0.45 | Sep 27, 2006 | Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. | ||
| CVE-2004-1083 | Hig | 0.49 | 7.5 | 0.02 | Dec 3, 2004 | Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate… | ||
| CVE-2002-1372 | Hig | 0.49 | 7.5 | 0.03 | Dec 26, 2002 | Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not… | ||
| CVE-2025-43520 | Med | 0.48 | 5.5 | 0.00 | KEV | Dec 12, 2025 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may… | |
| CVE-2025-31238 | Hig | 0.48 | 7.3 | 0.01 | May 12, 2025 | The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption. | ||
| CVE-2025-30460 | Hig | 0.48 | 7.4 | 0.01 | Mar 31, 2025 | A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data. | ||
| CVE-2025-24229 | Hig | 0.48 | 7.4 | 0.01 | Mar 31, 2025 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A sandboxed app may be able to access sensitive user data. | ||
| CVE-2023-41991 | Med | 0.48 | 5.5 | 0.05 | KEV | Sep 21, 2023 | A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS… | |
| CVE-2023-38606 | Med | 0.48 | 5.5 | 0.01 | KEV | Jul 27, 2023 | This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state.… | |
| CVE-2022-22674 | Med | 0.48 | 5.5 | 0.01 | KEV | May 26, 2022 | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel… | |
| CVE-2021-30662 | Hig | 0.48 | 7.3 | 0.01 | Sep 8, 2021 | This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted file may lead to arbitrary code execution. | ||
| CVE-2021-30888 | Hig | 0.48 | 7.4 | 0.02 | Aug 24, 2021 | An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect… | ||
| CVE-2019-14899 | Hig | 0.48 | 7.4 | 0.01 | Dec 11, 2019 | A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct… | ||
| CVE-2017-13890 | Hig | 0.48 | 7.4 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. macOS before 10.13 is affected. The issue involves the "CoreTypes" component. It allows remote attackers to trigger disk-image mounting via a crafted web site. | ||
| CVE-2016-4641 | Hig | 0.48 | 7.3 | 0.01 | Jul 22, 2016 | Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a "type confusion." | ||
| CVE-2015-7551 | Hig | 0.48 | 8.4 | 0.01 | Mar 24, 2016 | The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or… | ||
| CVE-2016-1729 | Hig | 0.48 | 7.3 | 0.01 | Feb 1, 2016 | Untrusted search path vulnerability in OSA Scripts in Apple OS X before 10.11.3 allows attackers to load arbitrary script libraries via a quarantined application. | ||
| CVE-2015-8472 | Hig | 0.48 | 7.3 | 0.06 | Jan 21, 2016 | Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified… | ||
| CVE-2015-1098 | Hig | 0.48 | 7.3 | 0.02 | Apr 10, 2015 | iWork in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file. | ||
| CVE-2026-43656 | Hig | 0.47 | 7.3 | 0.00 | May 11, 2026 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Parsing a maliciously crafted file may lead to an unexpected app… | ||
| CVE-2026-43655 | Hig | 0.47 | 7.3 | 0.00 | May 11, 2026 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination or read kernel memory. | ||
| CVE-2025-24126 | Hig | 0.47 | 7.3 | 0.01 | Jan 27, 2025 | An input validation issue was addressed. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may be able to corrupt process memory. | ||
| CVE-2023-38425 | Hig | 0.47 | 7.2 | 0.01 | Jul 27, 2023 | The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. | ||
| CVE-2022-42845 | Hig | 0.47 | 7.2 | 0.02 | Dec 15, 2022 | The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app with root privileges may be able to execute arbitrary code with kernel… | ||
| CVE-2016-1718 | Hig | 0.47 | 7.3 | 0.00 | Feb 1, 2016 | The IOAcceleratorFamily2 interface in IOAcceleratorFamily in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | ||
| CVE-2016-0777 | Med | 0.47 | 6.5 | 0.63 | Jan 14, 2016 | The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key. | ||
| CVE-2022-26758 | Hig | 0.46 | 7.1 | 0.00 | Jun 10, 2026 | A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. | ||
| CVE-2025-46284 | Hig | 0.46 | 7.0 | 0.00 | May 26, 2026 | A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to gain root privileges. | ||
| CVE-2026-28941 | Hig | 0.46 | 7.1 | 0.00 | May 11, 2026 | The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Tahoe 26.5. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents. | ||
| CVE-2024-40858 | Hig | 0.46 | 7.1 | 0.00 | Apr 2, 2026 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to access Contacts without user consent. |
- risk 0.49cvss 7.5epss 0.02
ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 cipher, which might allow remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
- risk 0.49cvss 7.5epss 0.02
CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output.
- risk 0.49cvss 7.5epss 0.03
ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
- risk 0.49cvss 7.5epss 0.04
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.
- risk 0.49cvss 7.5epss 0.03
Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support.
- risk 0.49cvss 7.5epss 0.03
The Messages component in Apple OS X before 10.11.5 mishandles filename encoding, which allows remote attackers to obtain sensitive information via unspecified vectors.
- risk 0.49cvss 7.5epss 0.02
MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic.
- risk 0.49cvss 7.5epss 0.01
Disk Utility in Apple OS X before 10.11.5 uses incorrect encryption keys for disk images, which has unspecified impact and attack vectors.
- risk 0.49cvss 7.5epss 0.04
The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors.
- risk 0.49cvss 7.5epss 0.01
The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors.
- risk 0.49cvss 7.5epss 0.02
Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
- risk 0.49cvss 7.5epss 0.01
The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors.
- risk 0.49cvss 7.4epss 0.06
The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check…
- risk 0.49cvss 7.5epss 0.04
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to…
- risk 0.49cvss 7.5epss 0.03
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or…
- risk 0.49cvss 7.5epss 0.04
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client…
- risk 0.49cvss 7.5epss 0.53
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document…
- risk 0.49cvss 7.5epss 0.02
iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instant Messenger (AIM) communication in certain circumstances that are inconsistent with the Require SSL setting, which allows remote attackers to obtain sensitive information by sniffing the network.
- risk 0.49cvss 7.5epss 0.03
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."
- risk 0.49cvss 7.5epss 0.03
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a…
- risk 0.49cvss 8.1epss 0.45
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
- risk 0.49cvss 7.5epss 0.02
Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate…
- risk 0.49cvss 7.5epss 0.03
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not…
- risk 0.48cvss 5.5epss 0.00
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may…
- risk 0.48cvss 7.3epss 0.01
The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption.
- risk 0.48cvss 7.4epss 0.01
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data.
- risk 0.48cvss 7.4epss 0.01
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A sandboxed app may be able to access sensitive user data.
- risk 0.48cvss 5.5epss 0.05
A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS…
- risk 0.48cvss 5.5epss 0.01
This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state.…
- risk 0.48cvss 5.5epss 0.01
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel…
- risk 0.48cvss 7.3epss 0.01
This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted file may lead to arbitrary code execution.
- risk 0.48cvss 7.4epss 0.02
An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect…
- risk 0.48cvss 7.4epss 0.01
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct…
- risk 0.48cvss 7.4epss 0.01
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. macOS before 10.13 is affected. The issue involves the "CoreTypes" component. It allows remote attackers to trigger disk-image mounting via a crafted web site.
- risk 0.48cvss 7.3epss 0.01
Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a "type confusion."
- risk 0.48cvss 8.4epss 0.01
The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or…
- risk 0.48cvss 7.3epss 0.01
Untrusted search path vulnerability in OSA Scripts in Apple OS X before 10.11.3 allows attackers to load arbitrary script libraries via a quarantined application.
- risk 0.48cvss 7.3epss 0.06
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified…
- risk 0.48cvss 7.3epss 0.02
iWork in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.
- risk 0.47cvss 7.3epss 0.00
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Parsing a maliciously crafted file may lead to an unexpected app…
- risk 0.47cvss 7.3epss 0.00
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination or read kernel memory.
- risk 0.47cvss 7.3epss 0.01
An input validation issue was addressed. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may be able to corrupt process memory.
- risk 0.47cvss 7.2epss 0.01
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.
- risk 0.47cvss 7.2epss 0.02
The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app with root privileges may be able to execute arbitrary code with kernel…
- risk 0.47cvss 7.3epss 0.00
The IOAcceleratorFamily2 interface in IOAcceleratorFamily in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
- risk 0.47cvss 6.5epss 0.63
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
- risk 0.46cvss 7.1epss 0.00
A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4.
- risk 0.46cvss 7.0epss 0.00
A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to gain root privileges.
- risk 0.46cvss 7.1epss 0.00
The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Tahoe 26.5. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.
- risk 0.46cvss 7.1epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to access Contacts without user consent.
Page 50 of 169