Lucene search

K
AppleIphone Os

3695 matches found

CVE
CVE
added 2022/05/26 8:15 p.m.198 views

CVE-2022-26751

A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execut...

7.8CVSS8.3AI score0.00627EPSS
CVE
CVE
added 2022/09/23 7:15 p.m.198 views

CVE-2022-32823

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to leak sensitive user information.

5.5CVSS5.6AI score0.00033EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.197 views

CVE-2019-8658

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cro...

6.1CVSS6AI score0.00924EPSS
CVE
CVE
added 2021/10/19 2:15 p.m.197 views

CVE-2021-30846

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

7.8CVSS8.3AI score0.00518EPSS
CVE
CVE
added 2023/02/27 8:15 p.m.197 views

CVE-2023-23530

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

8.6CVSS8AI score0.00093EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.196 views

CVE-2019-8619

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00816EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.195 views

CVE-2019-8571

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00811EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.195 views

CVE-2023-38604

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel...

9.8CVSS8.4AI score0.00345EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.194 views

CVE-2019-8821

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary c...

8.8CVSS8.6AI score0.01007EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.194 views

CVE-2022-42817

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. Visiting a maliciously crafted website may leak sensitive data.

6.5CVSS6.3AI score0.00262EPSS
CVE
CVE
added 2024/01/09 6:15 p.m.194 views

CVE-2022-48618

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been expl...

7CVSS6.3AI score0.0018EPSS
CVE
CVE
added 2015/08/14 6:59 p.m.193 views

CVE-2015-1819

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

5CVSS6.5AI score0.02464EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.193 views

CVE-2020-3900

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitra...

8.8CVSS9.1AI score0.00363EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.193 views

CVE-2021-30890

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS5.9AI score0.00296EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.192 views

CVE-2019-8609

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00811EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.192 views

CVE-2019-8610

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00811EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.192 views

CVE-2023-32445

This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack.

6.1CVSS5.4AI score0.00531EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.192 views

CVE-2023-36495

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.6, macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

9.8CVSS8.4AI score0.00487EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.191 views

CVE-2019-8674

A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS6AI score0.00728EPSS
CVE
CVE
added 2020/05/08 8:15 p.m.191 views

CVE-2020-6616

Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8 ...

6.5CVSS7.5AI score0.00122EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.191 views

CVE-2021-1817

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.9AI score0.00368EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.191 views

CVE-2021-30682

A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information.

5.5CVSS5.6AI score0.00309EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.190 views

CVE-2019-8523

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS8.9AI score0.01288EPSS
CVE
CVE
added 2019/02/18 5:29 p.m.190 views

CVE-2019-8906

do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.

4.4CVSS4.8AI score0.0009EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.190 views

CVE-2021-30851

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

8.8CVSS8.5AI score0.0073EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.190 views

CVE-2023-37285

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.

9.8CVSS8.3AI score0.00345EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.189 views

CVE-2021-30887

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy.

6.5CVSS6.3AI score0.0036EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.188 views

CVE-2019-8594

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00811EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.188 views

CVE-2023-38598

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel priv...

9.8CVSS8.4AI score0.00468EPSS
CVE
CVE
added 2017/05/22 5:29 a.m.187 views

CVE-2017-2518

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of ...

9.8CVSS8.7AI score0.05809EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.187 views

CVE-2021-30889

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS7.4AI score0.00738EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.186 views

CVE-2020-3897

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.

9.3CVSS8.8AI score0.00555EPSS
CVE
CVE
added 2023/05/08 8:15 p.m.185 views

CVE-2022-32885

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution

8.8CVSS8.6AI score0.00139EPSS
CVE
CVE
added 2023/07/28 5:15 a.m.185 views

CVE-2023-38590

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause unexpected system terminati...

8.8CVSS7.7AI score0.02217EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.184 views

CVE-2017-2478

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged cont...

7.6CVSS7.3AI score0.03911EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.184 views

CVE-2022-26762

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with system privileges.

7.8CVSS8.1AI score0.00139EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.183 views

CVE-2018-4162

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compon...

8.8CVSS8.7AI score0.40022EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.183 views

CVE-2021-1820

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory.

6.5CVSS6.5AI score0.00166EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.183 views

CVE-2021-30934

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS8.6AI score0.01431EPSS
CVE
CVE
added 2023/02/27 8:15 p.m.182 views

CVE-2022-32784

The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data.

6.5CVSS5.4AI score0.00122EPSS
CVE
CVE
added 2017/09/12 3:29 p.m.181 views

CVE-2017-14315

In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attack...

7.9CVSS7.5AI score0.00074EPSS
CVE
CVE
added 2019/12/11 3:15 p.m.181 views

CVE-2019-14899

A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknow...

7.4CVSS7.3AI score0.00055EPSS
CVE
CVE
added 2025/04/16 7:15 p.m.181 views

CVE-2025-31201

This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that th...

7.5CVSS5.6AI score0.00201EPSS
CVE
CVE
added 2016/06/09 4:59 p.m.180 views

CVE-2016-4448

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

10CVSS9.5AI score0.02596EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.180 views

CVE-2020-3885

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed.

4.3CVSS5.6AI score0.00294EPSS
CVE
CVE
added 2022/05/26 8:15 p.m.180 views

CVE-2022-26765

A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

4.7CVSS5.4AI score0.00059EPSS
CVE
CVE
added 2022/12/15 7:15 p.m.180 views

CVE-2022-46692

A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy.

5.5CVSS5.9AI score0.00008EPSS
CVE
CVE
added 2020/04/14 11:15 p.m.178 views

CVE-2020-11759

An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.

5.5CVSS6.1AI score0.00718EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.178 views

CVE-2020-3902

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site script...

6.1CVSS6.5AI score0.00322EPSS
CVE
CVE
added 2021/10/28 7:15 p.m.178 views

CVE-2021-30818

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00333EPSS
Total number of security vulnerabilities3695