Vendor CVEs
Apple Inc.
All CVEs
8,452 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-27928 | Low | 0.21 | 3.3 | 0.00 | May 8, 2023 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, macOS Big Sur 11.7.5. An app may be able to access information about a… | ||
| CVE-2023-23541 | Low | 0.21 | 3.3 | 0.00 | May 8, 2023 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user’s contacts. | ||
| CVE-2023-23523 | Low | 0.21 | 3.3 | 0.00 | May 8, 2023 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup. | ||
| CVE-2023-23505 | Low | 0.21 | 3.3 | 0.00 | Feb 27, 2023 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. An app may be able to access… | ||
| CVE-2023-23498 | Low | 0.21 | 3.3 | 0.00 | Feb 27, 2023 | A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.3 and iPadOS 15.7.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account. | ||
| CVE-2023-23493 | Low | 0.21 | 3.3 | 0.00 | Feb 27, 2023 | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password. | ||
| CVE-2022-42838 | Low | 0.21 | 3.3 | 0.00 | Feb 27, 2023 | An issue with app access to camera data was addressed with improved logic. This issue is fixed in macOS Ventura 13. A camera extension may be able to continue receiving video after the app which activated was closed. | ||
| CVE-2022-32913 | Low | 0.21 | 3.3 | 0.00 | Nov 1, 2022 | The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera. | ||
| CVE-2022-32835 | Low | 0.21 | 3.3 | 0.00 | Nov 1, 2022 | This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier. | ||
| CVE-2022-22656 | Low | 0.21 | 3.3 | 0.00 | Mar 18, 2022 | An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in user’s desktop from the fast user switching… | ||
| CVE-2022-22598 | Low | 0.21 | 3.3 | 0.00 | Mar 18, 2022 | An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access. | ||
| CVE-2017-2375 | Low | 0.21 | 3.3 | 0.00 | Dec 23, 2021 | An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud. | ||
| CVE-2021-30671 | Low | 0.21 | 3.3 | 0.01 | Sep 8, 2021 | A validation issue was addressed with improved logic. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A malicious application may be able to send unauthorized Apple events to Finder. | ||
| CVE-2021-30994 | Low | 0.21 | 3.3 | 0.01 | Aug 24, 2021 | An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs. | ||
| CVE-2021-30908 | Low | 0.21 | 3.3 | 0.00 | Aug 24, 2021 | An authentication issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screen. | ||
| CVE-2021-30875 | Low | 0.21 | 3.3 | 0.00 | Aug 24, 2021 | A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1. A local attacker may be able to view contacts from the lock screen. | ||
| CVE-2021-1803 | Low | 0.21 | 3.3 | 0.01 | Apr 2, 2021 | The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.0.1. A local application may be able to enumerate the user's iCloud documents. | ||
| CVE-2021-1771 | Low | 0.21 | 3.3 | 0.01 | Apr 2, 2021 | This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. A user that is removed from an iMessage group could rejoin the group. | ||
| CVE-2020-29623 | Low | 0.21 | 3.3 | 0.00 | Apr 2, 2021 | "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be… | ||
| CVE-2020-9786 | Low | 0.21 | 3.3 | 0.01 | Oct 27, 2020 | This issue was addressed with improved checks This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. An application may be able to trigger a sysdiagnose. | ||
| CVE-2019-8857 | Low | 0.21 | 3.3 | 0.00 | Oct 27, 2020 | The issue was addressed with improved validation when an iCloud Link is created. This issue is fixed in iOS 13.3 and iPadOS 13.3. Live Photo audio and video data may be shared via iCloud links even if Live Photo is disabled in the Share Sheet carousel. | ||
| CVE-2019-8809 | Low | 0.21 | 3.3 | 0.00 | Oct 27, 2020 | A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, watchOS 6, iOS 13. A local app may be able to read a persistent account identifier. | ||
| CVE-2019-8642 | Low | 0.21 | 3.3 | 0.00 | Oct 27, 2020 | An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted… | ||
| CVE-2020-9912 | Low | 0.21 | 3.3 | 0.00 | Oct 16, 2020 | A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode. | ||
| CVE-2020-9780 | Low | 0.21 | 3.3 | 0.00 | Apr 1, 2020 | The issue was resolved by clearing application previews when content is deleted. This issue is fixed in iOS 13.4 and iPadOS 13.4. A local user may be able to view deleted content in the app switcher. | ||
| CVE-2020-9776 | Low | 0.21 | 3.3 | 0.01 | Apr 1, 2020 | This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to access a user's call history. | ||
| CVE-2020-9773 | Low | 0.21 | 3.3 | 0.01 | Apr 1, 2020 | The issue was addressed with improved handling of icon caches. This issue is fixed in iOS 14.0 and iPadOS 14.0. A malicious application may be able to identify what other applications a user has installed. | ||
| CVE-2020-3873 | Low | 0.21 | 3.3 | 0.00 | Feb 27, 2020 | This issue was addressed with improved setting propagation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Turning off "Load remote content in messages” may not apply to all mail previews. | ||
| CVE-2020-3844 | Low | 0.21 | 3.3 | 0.00 | Feb 27, 2020 | This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Users removed from an iMessage conversation may still be able to alter state. | ||
| CVE-2020-3830 | Low | 0.21 | 3.3 | 0.00 | Feb 27, 2020 | A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be able to overwrite arbitrary files. | ||
| CVE-2019-8730 | Low | 0.21 | 3.3 | 0.00 | Dec 18, 2019 | The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. This issue is fixed in macOS Catalina 10.15. A local user may be able to view a user’s locked notes. | ||
| CVE-2019-8630 | Low | 0.21 | 3.3 | 0.00 | Dec 18, 2019 | The issue was addressed with improved UI handling. This issue is fixed in iOS 12.3. The lock screen may show a locked icon after unlocking. | ||
| CVE-2019-8541 | Low | 0.21 | 3.3 | 0.00 | Dec 18, 2019 | A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may be able to track users between installs. | ||
| CVE-2018-4446 | Low | 0.21 | 3.3 | 0.01 | Apr 3, 2019 | This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.1.1. | ||
| CVE-2018-4352 | Low | 0.21 | 3.3 | 0.00 | Apr 3, 2019 | A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions. This issue affected versions prior to iOS 12. | ||
| CVE-2018-4322 | Low | 0.21 | 3.3 | 0.00 | Apr 3, 2019 | This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12. | ||
| CVE-2017-13877 | Low | 0.21 | 3.3 | 0.01 | Apr 3, 2018 | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to determine whether arbitrary files exist via a crafted app. | ||
| CVE-2017-13801 | Low | 0.21 | 3.3 | 0.00 | Nov 13, 2017 | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Dictionary Widget" component. It allows attackers to read local files if pasted text is used in a search. | ||
| CVE-2017-7138 | Low | 0.21 | 3.3 | 0.00 | Oct 23, 2017 | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Directory Utility" component. It allows local users to discover the Apple ID of the computer's owner. | ||
| CVE-2017-2384 | Low | 0.21 | 3.3 | 0.00 | Apr 2, 2017 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves mishandling of deletion within the SQLite subsystem of the "Safari" component. It allows local users to identify the web-site visits that occurred in Private Browsing mode. | ||
| CVE-2016-7714 | Low | 0.21 | 3.3 | 0.00 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via… | ||
| CVE-2016-7625 | Low | 0.21 | 3.3 | 0.00 | Feb 20, 2017 | An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. | ||
| CVE-2016-7624 | Low | 0.21 | 3.3 | 0.00 | Feb 20, 2017 | An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOAcceleratorFamily" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. | ||
| CVE-2016-7620 | Low | 0.21 | 3.3 | 0.00 | Feb 20, 2017 | An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOSurface" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. | ||
| CVE-2016-4670 | Low | 0.21 | 3.3 | 0.00 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths of arbitrary passwords by reading a log. | ||
| CVE-2016-4749 | Low | 0.21 | 3.3 | 0.00 | Sep 18, 2016 | Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file. | ||
| CVE-2016-4645 | Low | 0.21 | 3.3 | 0.00 | Jul 22, 2016 | CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors. | ||
| CVE-2016-1862 | Low | 0.21 | 3.3 | 0.01 | Jun 19, 2016 | Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860. | ||
| CVE-2016-1860 | Low | 0.21 | 3.3 | 0.01 | Jun 19, 2016 | Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862. | ||
| CVE-2016-1849 | Low | 0.21 | 3.3 | 0.00 | May 20, 2016 | The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before 9.3.2 and other products, mishandles the deletion of browsing history, which might allow local users to obtain sensitive information by leveraging read access to a Safari directory. |
- risk 0.21cvss 3.3epss 0.00
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, macOS Big Sur 11.7.5. An app may be able to access information about a…
- risk 0.21cvss 3.3epss 0.00
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user’s contacts.
- risk 0.21cvss 3.3epss 0.00
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup.
- risk 0.21cvss 3.3epss 0.00
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. An app may be able to access…
- risk 0.21cvss 3.3epss 0.00
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.3 and iPadOS 15.7.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account.
- risk 0.21cvss 3.3epss 0.00
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password.
- risk 0.21cvss 3.3epss 0.00
An issue with app access to camera data was addressed with improved logic. This issue is fixed in macOS Ventura 13. A camera extension may be able to continue receiving video after the app which activated was closed.
- risk 0.21cvss 3.3epss 0.00
The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.
- risk 0.21cvss 3.3epss 0.00
This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier.
- risk 0.21cvss 3.3epss 0.00
An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in user’s desktop from the fast user switching…
- risk 0.21cvss 3.3epss 0.00
An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access.
- risk 0.21cvss 3.3epss 0.00
An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud.
- risk 0.21cvss 3.3epss 0.01
A validation issue was addressed with improved logic. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A malicious application may be able to send unauthorized Apple events to Finder.
- risk 0.21cvss 3.3epss 0.01
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs.
- risk 0.21cvss 3.3epss 0.00
An authentication issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screen.
- risk 0.21cvss 3.3epss 0.00
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1. A local attacker may be able to view contacts from the lock screen.
- risk 0.21cvss 3.3epss 0.01
The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.0.1. A local application may be able to enumerate the user's iCloud documents.
- risk 0.21cvss 3.3epss 0.01
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. A user that is removed from an iMessage group could rejoin the group.
- risk 0.21cvss 3.3epss 0.00
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be…
- risk 0.21cvss 3.3epss 0.01
This issue was addressed with improved checks This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. An application may be able to trigger a sysdiagnose.
- risk 0.21cvss 3.3epss 0.00
The issue was addressed with improved validation when an iCloud Link is created. This issue is fixed in iOS 13.3 and iPadOS 13.3. Live Photo audio and video data may be shared via iCloud links even if Live Photo is disabled in the Share Sheet carousel.
- risk 0.21cvss 3.3epss 0.00
A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, watchOS 6, iOS 13. A local app may be able to read a persistent account identifier.
- risk 0.21cvss 3.3epss 0.00
An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted…
- risk 0.21cvss 3.3epss 0.00
A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode.
- risk 0.21cvss 3.3epss 0.00
The issue was resolved by clearing application previews when content is deleted. This issue is fixed in iOS 13.4 and iPadOS 13.4. A local user may be able to view deleted content in the app switcher.
- risk 0.21cvss 3.3epss 0.01
This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to access a user's call history.
- risk 0.21cvss 3.3epss 0.01
The issue was addressed with improved handling of icon caches. This issue is fixed in iOS 14.0 and iPadOS 14.0. A malicious application may be able to identify what other applications a user has installed.
- risk 0.21cvss 3.3epss 0.00
This issue was addressed with improved setting propagation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Turning off "Load remote content in messages” may not apply to all mail previews.
- risk 0.21cvss 3.3epss 0.00
This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Users removed from an iMessage conversation may still be able to alter state.
- risk 0.21cvss 3.3epss 0.00
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be able to overwrite arbitrary files.
- risk 0.21cvss 3.3epss 0.00
The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. This issue is fixed in macOS Catalina 10.15. A local user may be able to view a user’s locked notes.
- risk 0.21cvss 3.3epss 0.00
The issue was addressed with improved UI handling. This issue is fixed in iOS 12.3. The lock screen may show a locked icon after unlocking.
- risk 0.21cvss 3.3epss 0.00
A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may be able to track users between installs.
- risk 0.21cvss 3.3epss 0.01
This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.1.1.
- risk 0.21cvss 3.3epss 0.00
A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions. This issue affected versions prior to iOS 12.
- risk 0.21cvss 3.3epss 0.00
This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.
- risk 0.21cvss 3.3epss 0.01
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to determine whether arbitrary files exist via a crafted app.
- risk 0.21cvss 3.3epss 0.00
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Dictionary Widget" component. It allows attackers to read local files if pasted text is used in a search.
- risk 0.21cvss 3.3epss 0.00
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Directory Utility" component. It allows local users to discover the Apple ID of the computer's owner.
- risk 0.21cvss 3.3epss 0.00
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves mishandling of deletion within the SQLite subsystem of the "Safari" component. It allows local users to identify the web-site visits that occurred in Private Browsing mode.
- risk 0.21cvss 3.3epss 0.00
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via…
- risk 0.21cvss 3.3epss 0.00
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.
- risk 0.21cvss 3.3epss 0.00
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOAcceleratorFamily" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.
- risk 0.21cvss 3.3epss 0.00
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOSurface" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.
- risk 0.21cvss 3.3epss 0.00
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths of arbitrary passwords by reading a log.
- risk 0.21cvss 3.3epss 0.00
Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file.
- risk 0.21cvss 3.3epss 0.00
CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors.
- risk 0.21cvss 3.3epss 0.01
Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860.
- risk 0.21cvss 3.3epss 0.01
Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862.
- risk 0.21cvss 3.3epss 0.00
The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before 9.3.2 and other products, mishandles the deletion of browsing history, which might allow local users to obtain sensitive information by leveraging read access to a Safari directory.
Page 99 of 170