Lucene search
K

8351 matches found

CVE
CVE
added 2023/02/27 12:0 a.m.103 views

CVE-2023-23504

CVE-2023-23504 is an Apple vulnerability where a memory-handling issue could allow an app to execute arbitrary code with kernel privileges. The fixed versions include macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, iOS 15.7.3, iPadOS 15.7.3, tvOS 16.3, iOS 16.3, and iPadOS 16.3. Sources c...

7.8CVSS7AI score0.00339EPSS
Exploits0References6Affected Software5
Cvelist
Cvelist
added 2023/02/27 12:0 a.m.15 views

CVE-2023-23496

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution...

8.5AI score0.0089EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/02/27 12:0 a.m.27 views

CVE-2023-23503

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to bypass Privacy preferences...

5.8AI score0.00218EPSS
Exploits0References5
CVE
CVE
added 2023/02/27 12:0 a.m.253 views

CVE-2023-23520

CVE-2023-23520 involves a race condition in the Apple Crash Reporter that could allow a user to read arbitrary files as root. The issue was addressed with additional validation and patched in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3, and iPadOS 16.3. Affected components and exact root...

5.9CVSS4.8AI score0.00807EPSS
Exploits0References4Affected Software3
Cvelist
Cvelist
added 2023/02/27 12:0 a.m.22 views

CVE-2023-23500

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to leak sensitive kernel state...

5.6AI score0.00234EPSS
Exploits0References5
CVE
CVE
added 2023/02/27 12:0 a.m.120 views

CVE-2023-23531

CVE-2023-23531 affects Apple platforms (macOS Ventura 13.2, iOS 16.3, iPadOS 16.3) and was caused by memory-handling issues that could let an app execute arbitrary code in its sandbox or with elevated privileges. Apple indicates the issue is fixed in the listed updates. Any exploitation requires ...

8.6CVSS8AI score0.01751EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2023/02/27 12:0 a.m.93 views

CVE-2022-32855

CVE-2022-32855 is an Apple vulnerability affecting the iOS/iPadOS Home component, caused by a logic issue in state management that could allow a user to view restricted content from the lock screen. Apple fixed this with iOS 15.6 and iPadOS 15.6. The CVE is documented across multiple feeds (NVD, ...

5.5CVSS4.3AI score0.00214EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2023/02/27 12:0 a.m.92 views

CVE-2022-26760

CVE-2022-26760 is a memory corruption issue in Apple's Wi‑Fi stack that was addressed with improved state management. Affected products are iOS and iPadOS; fixed in iOS 15.5 / iPadOS 15.5. Remediation: update to the 15.5 (or later) releases. Exploitation details are not provided in the supplied d...

9.8CVSS7.9AI score0.00697EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2023/02/27 12:0 a.m.81 views

CVE-2022-32949

CVE-2022-32949 : Apple lists this as an issue affecting iOS/iPadOS with the impact that an app may be able to execute arbitrary code with kernel privileges. The Apple security content for iOS 15.7.1 / iPadOS 15.7.1 (and tvOS 16) states the issue is fixed by updated checks and memory handling. The...

7.8CVSS7AI score0.00233EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2023/02/27 12:0 a.m.169 views

CVE-2022-46705

CVE-2022-46705 is a spoofing vulnerability in the handling of URLs that can enable address-bar spoofing when visiting a malicious site. The initial description notes improved input validation and lists affected platforms (Apple products) with fixes in iOS 16.2, iPadOS 16.2, macOS Ventura 13.1, an...

4.3CVSS3.5AI score0.00965EPSS
Exploits0References8Affected Software6
CVE
CVE
added 2023/02/27 12:0 a.m.189 views

CVE-2023-23496

CVE-2023-23496 affects Apple Safari/WebKit components; exploitation arises from processing maliciously crafted web content, leading to arbitrary code execution. Publicly documented impact includes macOS Ventura 13.2, macOS Monterey Big Sur/Big Sur? /, iOS 15.7.2 / 16.3, iPadOS 15.7.2 / 16.3, watc...

8.8CVSS8.2AI score0.0089EPSS
Exploits0References7Affected Software6
Vulnrichment
Vulnrichment
added 2023/02/27 12:0 a.m.11 views

CVE-2023-23500

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to leak sensitive kernel state...

4.2AI score0.00234EPSS
Exploits0References5
CVE
CVE
added 2023/02/27 12:0 a.m.139 views

CVE-2023-23500

CVE-2023-23500 is a memory-handling issue in Apple operating systems that could allow an app to leak sensitive kernel state. The vulnerability is addressed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, and in older releases iOS 15.7.3/iPadOS 15.7.3, tvOS 16.3, and watchOS 9.3. Connected source...

5.5CVSS4.1AI score0.00234EPSS
Exploits0References5Affected Software5
Vulnrichment
Vulnrichment
added 2023/02/27 12:0 a.m.6 views

CVE-2022-32830

An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information...

6.5AI score0.00622EPSS
Exploits0References2
CVE
CVE
added 2023/02/27 12:0 a.m.181 views

CVE-2023-23524

The CVE-2023-23524 issue is a denial-of-service vulnerability caused by improper input validation when processing a certificate. Affected Apple platforms include tvOS 16.3.2, iOS 16.3.1 / iPadOS 16.3.1, watchOS 9.3.1, and macOS Ventura 13.2.1. The root cause is improved input validation in the so...

7.5CVSS6.4AI score0.00605EPSS
Exploits0References4Affected Software5
Debian CVE
Debian CVE
added 2023/02/27 12:0 a.m.31 views

CVE-2022-42826

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.4AI score0.00775EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/02/27 12:0 a.m.40 views

CVE-2023-23529

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this...

8.8CVSS8.4AI score0.09502EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/02/27 12:0 a.m.31 views

CVE-2022-46705

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing...

4.3CVSS5.8AI score0.00965EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/02/22 12:56 p.m.92 views

Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices

Apple has revised the security advisories it released last month to include three new vulnerabilities impacting iOS, iPadOS, and macOS. The first flaw is a race condition in the Crash Reporter component CVE-2023-23520 that could enable a malicious actor to read arbitrary files as root. The iPhone...

0.6AI score0.01751EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:15 a.m.3 views

SUSE CVE-2019-8846

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code...

7.1CVSS7.8AI score0.02256EPSS
Exploits0References7
Rows per page
Query Builder