27 matches found
CVE-2025-43524
creationtimestamp| type| source ---|---|--- 2026-05-12 10:21:51+00:00| seen| https://www.thezdi.com/blog/2026/5/12/the-apple-macos-security-update-review 2026-05-12 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities20260513...
EUVD-2026-29231
This issue was addressed through improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. An attacker may be able to track users through their IP address...
Apple macOS 安全漏洞
Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. There is a security vulnerability in Apple macOS, which stems from parsing issues with directory path handling, potentially allowing applications to obtain root privileges. The following...
VulnCheck KEV: CVE-2025-43512
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to elevate privileges...
Medium: webkitgtk4
Issue Overview: The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash. CVE-2025-43213 The iss...
CVE-2026-20694
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Sonoma 14.8.5, macOS Tahoe 26.3, macOS Tahoe 26.4. An app may be able to access user-sensitive data...
CVE-2025-43365
A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An unprivileged process may be able to terminate a root processes...
CVE-2025-43309
A logic issue was addressed with improved checks. This issue is fixed in iOS 26 and iPadOS 26. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen...
curl: Apple SecTrust legacy path accepts untrusted certificates on pre-10.14 macOS/iOS when built with USE_APPLE_SECTRUST
Summary: When libcurl is built with USEAPPLESECTRUST and runs on Apple OS versions that lack SecTrustEvaluateWithError macOS 10.14 / iOS 12, the legacy verification path miscompares OSStatus to SecTrustResultType and never checks the SecTrust result. This can cause untrusted certificates to be...
EUVD-2021-7345
Malicious code in bioql PyPI...
EUVD-2025-29325
Malicious code in bioql PyPI...
macOS 15.x < 15.7 Multiple Vulnerabilities (125111)
The remote host is running a version of macOS / Mac OS X that is 15.x prior to 15.7. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be...
CVE-2025-55177
Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device. We...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in applesoccpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. applesoccpufreqgetrate does not check for this case, which results in a...
CVE-2023-38614
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access sensitive user data...
Apple macOS Ventura Security Vulnerability
Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.6.3, which stems from an application that may be able to access protected user data...
CVE-2022-46724
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen...
SUSE CVE-2014-4362
The Sandbox Profiles implementation in Apple iOS before 8 does not properly restrict the third-party app sandbox profile, which allows attackers to obtain sensitive Apple ID information via a crafted app...
CVE-2021-30816
The issue was addressed with improved permissions logic. This issue is fixed in iOS 15 and iPadOS 15. An attacker with physical access to a device may be able to see private contact information...
webkitgtk: Browsing history could not be deleted
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items...