Vendor CVEs
Apple Inc.
All CVEs
8,436 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-9908 | Hig | 0.46 | 7.1 | 0.00 | Oct 22, 2020 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to cause unexpected system termination or read kernel memory. | ||
| CVE-2020-9796 | Hig | 0.46 | 7.0 | 0.00 | Oct 22, 2020 | A race condition was addressed with improved state handling. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges. | ||
| CVE-2020-9779 | Hig | 0.46 | 7.1 | 0.00 | Oct 22, 2020 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory. | ||
| CVE-2020-9771 | Hig | 0.46 | 7.1 | 0.00 | Oct 22, 2020 | This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A user may gain access to protected parts of the file system. | ||
| CVE-2020-9952 | Hig | 0.46 | 7.1 | 0.01 | Oct 16, 2020 | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site… | ||
| CVE-2020-9843 | Hig | 0.46 | 7.1 | 0.01 | Jun 9, 2020 | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web… | ||
| CVE-2020-9842 | Hig | 0.46 | 7.1 | 0.01 | Jun 9, 2020 | An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform… | ||
| CVE-2020-9808 | Hig | 0.46 | 7.1 | 0.01 | Jun 9, 2020 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to cause unexpected system termination or write kernel memory. | ||
| CVE-2020-9805 | Hig | 0.46 | 7.1 | 0.01 | Jun 9, 2020 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead… | ||
| CVE-2020-3912 | Hig | 0.46 | 7.1 | 0.00 | Apr 1, 2020 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory. | ||
| CVE-2020-3908 | Hig | 0.46 | 7.1 | 0.00 | Apr 1, 2020 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory. | ||
| CVE-2020-3907 | Hig | 0.46 | 7.1 | 0.00 | Apr 1, 2020 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory. | ||
| CVE-2020-3861 | Hig | 0.46 | 7.1 | 0.00 | Feb 27, 2020 | The issue was addressed with improved permissions logic. This issue is fixed in iTunes for Windows 12.10.4. A user may gain access to protected parts of the file system. | ||
| CVE-2020-3831 | Hig | 0.46 | 7.0 | 0.01 | Feb 27, 2020 | A race condition was addressed with improved locking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | ||
| CVE-2019-8606 | Hig | 0.46 | 7.0 | 0.00 | Dec 18, 2019 | A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.5. A local user may be able to load unsigned kernel extensions. | ||
| CVE-2019-8576 | Hig | 0.46 | 7.1 | 0.00 | Dec 18, 2019 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory. | ||
| CVE-2019-8545 | Hig | 0.46 | 7.1 | 0.00 | Dec 18, 2019 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory. | ||
| CVE-2018-4434 | Hig | 0.46 | 7.1 | 0.00 | Apr 3, 2019 | An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.2. | ||
| CVE-2017-7151 | Hig | 0.46 | 7.0 | 0.01 | Apr 3, 2019 | A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4. | ||
| CVE-2018-4183 | Hig | 0.46 | 8.2 | 0.00 | Jan 11, 2019 | In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions. | ||
| CVE-2018-4240 | Med | 0.46 | 6.5 | 0.07 | Jun 8, 2018 | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service… | ||
| CVE-2018-4228 | Hig | 0.46 | 7.0 | 0.01 | Jun 8, 2018 | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages a race condition. | ||
| CVE-2018-4167 | Hig | 0.46 | 7.0 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "File System Events" component. A race condition allows attackers to execute… | ||
| CVE-2018-4166 | Hig | 0.46 | 7.0 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "NSURLSession" component. A race condition allows attackers to execute arbitrary… | ||
| CVE-2018-4158 | Hig | 0.46 | 7.0 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privileged… | ||
| CVE-2018-4157 | Hig | 0.46 | 7.0 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Quick Look" component. A race condition allows attackers to execute arbitrary… | ||
| CVE-2018-4156 | Hig | 0.46 | 7.0 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "PluginKit" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||
| CVE-2018-4155 | Hig | 0.46 | 7.0 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute… | ||
| CVE-2018-4154 | Hig | 0.46 | 7.0 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Storage" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||
| CVE-2018-4152 | Hig | 0.46 | 7.0 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Notes" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||
| CVE-2018-4151 | Hig | 0.46 | 7.0 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "iCloud Drive" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||
| CVE-2017-13850 | Hig | 0.46 | 7.1 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Font Importer" component. It allows remote attackers to cause a denial of service (memory corruption) or obtain sensitive information from process memory via a crafted… | ||
| CVE-2017-7154 | Med | 0.46 | 6.6 | 0.01 | Dec 27, 2017 | An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. The issue involves the "Kernel" component. It allows local users to bypass intended memory-read restrictions or cause a denial of… | ||
| CVE-2017-13831 | Hig | 0.46 | 7.1 | 0.01 | Nov 13, 2017 | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image. | ||
| CVE-2017-13820 | Hig | 0.46 | 7.1 | 0.01 | Nov 13, 2017 | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted font. | ||
| CVE-2015-3206 | Hig | 0.46 | 8.1 | 0.02 | Aug 25, 2017 | The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows remote attackers to cause a denial of service (bad response), or have other unspecified impact by performing a man-in-the-middle attack. | ||
| CVE-2017-2480 | Med | 0.46 | 6.5 | 0.04 | Apr 2, 2017 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows… | ||
| CVE-2017-2479 | Med | 0.46 | 6.5 | 0.06 | Apr 2, 2017 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows… | ||
| CVE-2017-2450 | Hig | 0.46 | 7.1 | 0.01 | Apr 2, 2017 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to obtain sensitive information… | ||
| CVE-2017-2442 | Med | 0.46 | 6.5 | 0.06 | Apr 2, 2017 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit JavaScript Bindings" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a… | ||
| CVE-2017-2439 | Hig | 0.46 | 7.1 | 0.01 | Apr 2, 2017 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive… | ||
| CVE-2017-2409 | Hig | 0.46 | 7.1 | 0.01 | Apr 2, 2017 | An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Menus" component. It allows attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted app. | ||
| CVE-2017-2367 | Med | 0.46 | 6.5 | 0.06 | Apr 2, 2017 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information… | ||
| CVE-2017-2371 | Med | 0.46 | 6.5 | 0.06 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WebKit" component, which allows remote attackers to launch popups via a crafted web site. | ||
| CVE-2017-2365 | Med | 0.46 | 6.5 | 0.07 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive… | ||
| CVE-2017-2364 | Med | 0.46 | 6.5 | 0.07 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | ||
| CVE-2017-2363 | Med | 0.46 | 6.5 | 0.07 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin… | ||
| CVE-2016-4743 | Hig | 0.46 | 7.1 | 0.01 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive… | ||
| CVE-2016-4682 | Hig | 0.46 | 7.1 | 0.01 | Feb 20, 2017 | An issue was discovered in certain Apple products. macOS before 10.12 is affected. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and… | ||
| CVE-2016-4660 | Hig | 0.46 | 7.1 | 0.02 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive… |
- risk 0.46cvss 7.1epss 0.00
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to cause unexpected system termination or read kernel memory.
- risk 0.46cvss 7.0epss 0.00
A race condition was addressed with improved state handling. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges.
- risk 0.46cvss 7.1epss 0.00
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory.
- risk 0.46cvss 7.1epss 0.00
This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A user may gain access to protected parts of the file system.
- risk 0.46cvss 7.1epss 0.01
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site…
- risk 0.46cvss 7.1epss 0.01
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web…
- risk 0.46cvss 7.1epss 0.01
An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform…
- risk 0.46cvss 7.1epss 0.01
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to cause unexpected system termination or write kernel memory.
- risk 0.46cvss 7.1epss 0.01
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead…
- risk 0.46cvss 7.1epss 0.00
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory.
- risk 0.46cvss 7.1epss 0.00
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory.
- risk 0.46cvss 7.1epss 0.00
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory.
- risk 0.46cvss 7.1epss 0.00
The issue was addressed with improved permissions logic. This issue is fixed in iTunes for Windows 12.10.4. A user may gain access to protected parts of the file system.
- risk 0.46cvss 7.0epss 0.01
A race condition was addressed with improved locking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges.
- risk 0.46cvss 7.0epss 0.00
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.5. A local user may be able to load unsigned kernel extensions.
- risk 0.46cvss 7.1epss 0.00
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory.
- risk 0.46cvss 7.1epss 0.00
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory.
- risk 0.46cvss 7.1epss 0.00
An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.2.
- risk 0.46cvss 7.0epss 0.01
A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4.
- risk 0.46cvss 8.2epss 0.00
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions.
- risk 0.46cvss 6.5epss 0.07
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service…
- risk 0.46cvss 7.0epss 0.01
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages a race condition.
- risk 0.46cvss 7.0epss 0.01
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "File System Events" component. A race condition allows attackers to execute…
- risk 0.46cvss 7.0epss 0.01
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "NSURLSession" component. A race condition allows attackers to execute arbitrary…
- risk 0.46cvss 7.0epss 0.01
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privileged…
- risk 0.46cvss 7.0epss 0.01
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Quick Look" component. A race condition allows attackers to execute arbitrary…
- risk 0.46cvss 7.0epss 0.01
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "PluginKit" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
- risk 0.46cvss 7.0epss 0.01
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute…
- risk 0.46cvss 7.0epss 0.01
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Storage" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
- risk 0.46cvss 7.0epss 0.01
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Notes" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
- risk 0.46cvss 7.0epss 0.01
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "iCloud Drive" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
- risk 0.46cvss 7.1epss 0.01
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Font Importer" component. It allows remote attackers to cause a denial of service (memory corruption) or obtain sensitive information from process memory via a crafted…
- risk 0.46cvss 6.6epss 0.01
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. The issue involves the "Kernel" component. It allows local users to bypass intended memory-read restrictions or cause a denial of…
- risk 0.46cvss 7.1epss 0.01
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image.
- risk 0.46cvss 7.1epss 0.01
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted font.
- risk 0.46cvss 8.1epss 0.02
The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows remote attackers to cause a denial of service (bad response), or have other unspecified impact by performing a man-in-the-middle attack.
- risk 0.46cvss 6.5epss 0.04
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows…
- risk 0.46cvss 6.5epss 0.06
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows…
- risk 0.46cvss 7.1epss 0.01
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to obtain sensitive information…
- risk 0.46cvss 6.5epss 0.06
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit JavaScript Bindings" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a…
- risk 0.46cvss 7.1epss 0.01
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive…
- risk 0.46cvss 7.1epss 0.01
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Menus" component. It allows attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted app.
- risk 0.46cvss 6.5epss 0.06
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information…
- risk 0.46cvss 6.5epss 0.06
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WebKit" component, which allows remote attackers to launch popups via a crafted web site.
- risk 0.46cvss 6.5epss 0.07
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive…
- risk 0.46cvss 6.5epss 0.07
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
- risk 0.46cvss 6.5epss 0.07
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin…
- risk 0.46cvss 7.1epss 0.01
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive…
- risk 0.46cvss 7.1epss 0.01
An issue was discovered in certain Apple products. macOS before 10.12 is affected. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and…
- risk 0.46cvss 7.1epss 0.02
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive…
Page 53 of 169