Lucene search

K

1663 matches found

CVE
CVE
added 2019/12/18 6:15 p.m.260 views

CVE-2019-8819

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary c...

8.8CVSS8.6AI score0.00518EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.260 views

CVE-2020-9862

A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspe...

7.8CVSS8AI score0.00395EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.259 views

CVE-2021-30936

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.01133EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.259 views

CVE-2023-42849

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kerne...

6.5CVSS6.1AI score0.00241EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.257 views

CVE-2023-41976

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.00346EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.257 views

CVE-2023-41982

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.

4.6CVSS4.7AI score0.00087EPSS
CVE
CVE
added 2024/03/05 8:16 p.m.257 views

CVE-2024-23296

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.

7.8CVSS7AI score0.00085EPSS
In wild
CVE
CVE
added 2023/10/25 7:15 p.m.256 views

CVE-2023-42857

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

3.3CVSS3.5AI score0.00035EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.255 views

CVE-2019-8769

An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history.

4.3CVSS4.9AI score0.00151EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.255 views

CVE-2019-8783

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary c...

8.8CVSS8.6AI score0.00408EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.255 views

CVE-2019-8835

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary c...

9.3CVSS8.6AI score0.0057EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.255 views

CVE-2023-40416

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. Processing an image may result in disclosure of process memory.

6.5CVSS5.7AI score0.00285EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.255 views

CVE-2023-40423

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.2AI score0.00046EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.253 views

CVE-2022-22600

The issue was addressed with improved permissions logic. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to bypass certain Privacy preferences.

5.5CVSS5.6AI score0.00748EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.253 views

CVE-2023-41997

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.

4.6CVSS4.7AI score0.00087EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.251 views

CVE-2023-42847

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication.

7.5CVSS6.6AI score0.00202EPSS
CVE
CVE
added 2020/04/14 11:15 p.m.250 views

CVE-2020-11761

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.

5.5CVSS5.5AI score0.00363EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.249 views

CVE-2020-9893

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected applicati...

8.8CVSS9AI score0.00502EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.249 views

CVE-2021-30734

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.8AI score0.00252EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.248 views

CVE-2019-8814

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary c...

9.3CVSS8.6AI score0.00704EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.247 views

CVE-2019-8782

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00272EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.247 views

CVE-2023-40413

The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to read sensitive location information.

5.5CVSS4.9AI score0.00034EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.246 views

CVE-2023-41977

The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14.1, iOS 16.7.2 and iPadOS 16.7.2. Visiting a malicious website may reveal browsing history.

4.3CVSS4.8AI score0.00169EPSS
CVE
CVE
added 2020/04/14 11:15 p.m.245 views

CVE-2020-11758

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h.

5.5CVSS5.5AI score0.0039EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.245 views

CVE-2023-40449

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to cause a denial-of-service.

5.5CVSS5.1AI score0.00025EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.244 views

CVE-2019-8813

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS6.1AI score0.00336EPSS
CVE
CVE
added 2020/04/14 11:15 p.m.243 views

CVE-2020-11760

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.

5.5CVSS5.5AI score0.00388EPSS
CVE
CVE
added 2023/10/25 7:15 p.m.242 views

CVE-2023-41988

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.

6.8CVSS6AI score0.00115EPSS
CVE
CVE
added 2022/09/23 7:15 p.m.241 views

CVE-2022-26700

A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution.

8.8CVSS8.3AI score0.00165EPSS
CVE
CVE
added 2024/11/20 12:15 a.m.241 views

CVE-2024-44309

A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. Apple...

6.3CVSS5.3AI score0.00543EPSS
In wild
CVE
CVE
added 2020/04/14 11:15 p.m.240 views

CVE-2020-11765

An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read.

5.5CVSS5.4AI score0.0035EPSS
CVE
CVE
added 2020/10/27 9:15 p.m.240 views

CVE-2020-3864

A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.

7.8CVSS7.3AI score0.00055EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.240 views

CVE-2020-9952

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack.

7.1CVSS6.6AI score0.00422EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.238 views

CVE-2019-8808

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00331EPSS
CVE
CVE
added 2020/04/14 11:15 p.m.238 views

CVE-2020-11762

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.

5.5CVSS5.5AI score0.0039EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.237 views

CVE-2019-8823

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary c...

8.8CVSS8.6AI score0.00518EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.237 views

CVE-2021-30720

A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers.

5.8CVSS5.7AI score0.00464EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.236 views

CVE-2021-30689

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS5.9AI score0.00573EPSS
CVE
CVE
added 2022/05/26 7:15 p.m.236 views

CVE-2022-26706

An access issue was addressed with additional sandbox restrictions on third-party applications. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A sandboxed process may be able to circumvent sandbox restrictions.

5.5CVSS6AI score0.01331EPSS
CVE
CVE
added 2022/05/26 7:15 p.m.236 views

CVE-2022-26711

An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8CVSS8.9AI score0.01615EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.235 views

CVE-2021-30797

This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.

8.8CVSS8AI score0.00516EPSS
CVE
CVE
added 2021/07/20 7:15 a.m.234 views

CVE-2021-36976

libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).

6.5CVSS6.8AI score0.00106EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.233 views

CVE-2021-30744

Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site sc...

6.1CVSS6.1AI score0.00573EPSS
CVE
CVE
added 2023/02/27 8:15 p.m.233 views

CVE-2023-23520

A race condition was addressed with additional validation. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may be able to read arbitrary files as root.

5.9CVSS4.8AI score0.0008EPSS
CVE
CVE
added 2022/01/20 6:15 p.m.231 views

CVE-2022-21658

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::remove_dir_all standard library function is vulnerable a race condition enabling symlink following (CWE-363)....

7.3CVSS6.4AI score0.00785EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.228 views

CVE-2020-3862

A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service.

6.5CVSS6.3AI score0.00216EPSS
CVE
CVE
added 2024/01/09 6:15 p.m.223 views

CVE-2022-48618

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been expl...

7CVSS6.3AI score0.0018EPSS
In wild
CVE
CVE
added 2021/09/08 2:15 p.m.221 views

CVE-2021-30749

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.8AI score0.00562EPSS
CVE
CVE
added 2025/04/16 7:15 p.m.217 views

CVE-2025-31201

This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that th...

7.5CVSS5.6AI score0.0019EPSS
In wild
CVE
CVE
added 2019/12/18 6:15 p.m.216 views

CVE-2019-8763

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary cod...

8.8CVSS8.5AI score0.01106EPSS
Total number of security vulnerabilities1663