Lucene search

K

1583 matches found

CVE
CVE
added 2022/12/15 7:15 p.m.199 views

CVE-2022-46692

A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy.

5.5CVSS5.9AI score0.00007EPSS
CVE
CVE
added 2023/02/27 8:15 p.m.198 views

CVE-2023-23530

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

8.6CVSS8AI score0.00071EPSS
CVE
CVE
added 2021/10/28 7:15 p.m.197 views

CVE-2021-30818

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00441EPSS
CVE
CVE
added 2019/12/11 3:15 p.m.196 views

CVE-2019-14899

A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknow...

7.4CVSS7.3AI score0.00055EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.196 views

CVE-2023-38604

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel...

9.8CVSS8.4AI score0.00341EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.195 views

CVE-2022-42817

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. Visiting a maliciously crafted website may leak sensitive data.

6.5CVSS6.3AI score0.004EPSS
CVE
CVE
added 2020/05/08 8:15 p.m.194 views

CVE-2020-6616

Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8 ...

6.5CVSS7.5AI score0.00122EPSS
CVE
CVE
added 2022/12/15 7:15 p.m.194 views

CVE-2022-42867

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.07111EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.193 views

CVE-2023-32445

This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack.

6.1CVSS5.4AI score0.00468EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.193 views

CVE-2023-36495

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.6, macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

9.8CVSS8.4AI score0.00355EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.191 views

CVE-2022-42799

The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.

6.1CVSS6AI score0.00613EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.191 views

CVE-2023-37285

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

9.8CVSS8.3AI score0.0039EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.189 views

CVE-2023-38598

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel priv...

9.8CVSS8.4AI score0.00463EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.188 views

CVE-2020-9947

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.2AI score0.0083EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.187 views

CVE-2023-38590

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause unexpected system terminati...

8.8CVSS7.7AI score0.01625EPSS
CVE
CVE
added 2021/10/28 7:15 p.m.186 views

CVE-2021-30809

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00777EPSS
CVE
CVE
added 2021/10/28 7:15 p.m.186 views

CVE-2021-30823

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS.

6.5CVSS6AI score0.00502EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.186 views

CVE-2021-30952

An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00421EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.186 views

CVE-2022-26762

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with system privileges.

7.8CVSS8.1AI score0.00144EPSS
CVE
CVE
added 2025/02/10 7:15 p.m.186 views

CVE-2024-54658

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service.

6.5CVSS6.4AI score0.0017EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.184 views

CVE-2021-1826

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS6.1AI score0.01044EPSS
CVE
CVE
added 2023/02/27 8:15 p.m.184 views

CVE-2022-32784

The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data.

6.5CVSS5.4AI score0.00122EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.182 views

CVE-2021-30984

A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

7.5CVSS7.9AI score0.00879EPSS
CVE
CVE
added 2020/04/14 11:15 p.m.181 views

CVE-2020-11759

An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.

5.5CVSS6.1AI score0.00718EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.181 views

CVE-2021-30953

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00617EPSS
CVE
CVE
added 2022/05/26 8:15 p.m.181 views

CVE-2022-26765

A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

4.7CVSS5.4AI score0.00059EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.180 views

CVE-2021-30954

A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS8AI score0.00366EPSS
CVE
CVE
added 2022/03/13 6:15 p.m.180 views

CVE-2022-26981

Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).

7.8CVSS7.8AI score0.00344EPSS
CVE
CVE
added 2023/02/27 8:15 p.m.180 views

CVE-2023-23496

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.2AI score0.00198EPSS
CVE
CVE
added 2021/10/19 2:15 p.m.179 views

CVE-2021-30848

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

7.8CVSS8AI score0.00898EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.178 views

CVE-2021-30884

The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history.

4.7CVSS5.5AI score0.0028EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.178 views

CVE-2022-22590

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00358EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.178 views

CVE-2022-26709

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00162EPSS
CVE
CVE
added 2022/09/20 9:15 p.m.178 views

CVE-2022-32886

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00358EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.175 views

CVE-2021-30951

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.01133EPSS
CVE
CVE
added 2023/08/14 11:15 p.m.174 views

CVE-2023-28198

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00057EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.172 views

CVE-2022-22594

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.

6.5CVSS6.4AI score0.00113EPSS
CVE
CVE
added 2022/12/15 7:15 p.m.169 views

CVE-2022-42852

The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory.

6.5CVSS6.3AI score0.00414EPSS
CVE
CVE
added 2022/12/15 7:15 p.m.168 views

CVE-2022-46699

A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00447EPSS
CVE
CVE
added 2023/07/27 1:15 a.m.168 views

CVE-2023-32393

The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.00237EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.166 views

CVE-2022-26716

A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00154EPSS
CVE
CVE
added 2025/03/31 11:15 p.m.166 views

CVE-2025-30427

A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.3CVSS5.9AI score0.00075EPSS
CVE
CVE
added 2023/02/27 8:15 p.m.164 views

CVE-2023-23524

A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service.

7.5CVSS6.4AI score0.00093EPSS
CVE
CVE
added 2025/01/27 10:15 p.m.164 views

CVE-2025-24150

A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection.

8.8CVSS6.1AI score0.00195EPSS
CVE
CVE
added 2025/05/12 10:15 p.m.164 views

CVE-2025-31257

This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.7CVSS5.8AI score0.00118EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.162 views

CVE-2022-22589

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.

6.1CVSS6.2AI score0.00344EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.159 views

CVE-2022-22642

This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4. A user may be able to bypass the Emergency SOS passcode prompt.

9.8CVSS7.6AI score0.00256EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.159 views

CVE-2022-26719

A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00154EPSS
CVE
CVE
added 2022/12/15 7:15 p.m.157 views

CVE-2022-42863

A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00532EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.156 views

CVE-2022-22677

A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call.

4.3CVSS4.8AI score0.00152EPSS
Total number of security vulnerabilities1583