Lucene search

K
AppleMac Os X

3225 matches found

CVE
CVE
added 2021/04/02 6:15 p.m.83 views

CVE-2021-1746

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00459EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.83 views

CVE-2021-1786

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to create or modify system files.

5.5CVSS5.3AI score0.00065EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.83 views

CVE-2021-1846

Processing a maliciously crafted audio file may disclose restricted memory. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An out-of-bounds read was addressed with improved input validation.

5.5CVSS5.7AI score0.00296EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.83 views

CVE-2021-1876

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.8AI score0.00813EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.83 views

CVE-2021-30679

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An application may be able to gain elevated privileges.

7.8CVSS8AI score0.00225EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.83 views

CVE-2021-30681

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be...

9.3CVSS7.2AI score0.00157EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.83 views

CVE-2021-30788

This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory c...

7.1CVSS6.8AI score0.00322EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.83 views

CVE-2021-30789

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.

7.8CVSS8AI score0.00623EPSS
CVE
CVE
added 2021/10/19 2:15 p.m.83 views

CVE-2021-30828

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to read arbitrary files as root.

5.5CVSS5.3AI score0.00042EPSS
CVE
CVE
added 2021/10/28 7:15 p.m.83 views

CVE-2021-30834

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, Security Update 2021-007 Catalina. Processing a malicious audio file may result in unexpected application termination or arbitrary code execution.

7.8CVSS7.8AI score0.00344EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.83 views

CVE-2021-30913

The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. An unprivileged application may be able to edit NVRAM variables.

5.5CVSS5.3AI score0.00247EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.83 views

CVE-2022-22597

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted file may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00281EPSS
CVE
CVE
added 2022/09/23 7:15 p.m.83 views

CVE-2022-32807

This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to overwrite arbitrary files.

7.1CVSS7AI score0.00045EPSS
CVE
CVE
added 2022/09/23 7:15 p.m.83 views

CVE-2022-32819

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.

7.8CVSS7.4AI score0.00032EPSS
CVE
CVE
added 2015/01/10 7:59 p.m.82 views

CVE-2014-9495

Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.

10CVSS7.4AI score0.02533EPSS
CVE
CVE
added 2015/08/11 2:59 p.m.82 views

CVE-2015-5522

Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.

6.8CVSS6.8AI score0.04193EPSS
CVE
CVE
added 2017/11/13 3:29 a.m.82 views

CVE-2017-13825

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted font file.

7.8CVSS8.3AI score0.00518EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.82 views

CVE-2018-4354

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

8.6CVSS7.4AI score0.00335EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.82 views

CVE-2018-4394

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1.

7.8CVSS7.1AI score0.00335EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.82 views

CVE-2019-6207

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.

5.5CVSS5.4AI score0.00656EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.82 views

CVE-2019-8521

This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to overwrite arbitrary files.

5.8CVSS5.7AI score0.00356EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.82 views

CVE-2019-8564

A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.

7.5CVSS6.8AI score0.00241EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.82 views

CVE-2020-29619

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may le...

7.8CVSS7AI score0.00352EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.82 views

CVE-2020-9884

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00418EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.82 views

CVE-2020-9945

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, Safari 14.0.1. Visiting a malicious website may lead to address bar spoofing.

4.3CVSS4.5AI score0.0034EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.82 views

CVE-2021-1759

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

9.3CVSS8AI score0.00432EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.82 views

CVE-2021-1832

Copied files may not have the expected file permissions. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. The issue was addressed with improved permissions logic.

5.5CVSS5.8AI score0.00166EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.82 views

CVE-2021-30683

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A malicious application could execute arbitrary code leading to compromise of user information.

7.8CVSS8.2AI score0.00528EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.82 views

CVE-2021-30716

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to perform denial of service.

5.9CVSS6AI score0.00645EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.82 views

CVE-2021-30775

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted audio file may lead to arbitrary code execution.

7.8CVSS8.2AI score0.00424EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.82 views

CVE-2021-30939

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00494EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.82 views

CVE-2021-30979

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary c...

7.8CVSS7.9AI score0.00607EPSS
CVE
CVE
added 2024/06/10 9:15 p.m.82 views

CVE-2024-27820

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.

8.8CVSS7.1AI score0.00424EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.81 views

CVE-2010-2497

Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

6.8CVSS9.5AI score0.02089EPSS
CVE
CVE
added 2010/11/17 1:0 a.m.81 views

CVE-2010-4008

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a...

4.3CVSS5.6AI score0.00728EPSS
CVE
CVE
added 2011/09/19 12:2 p.m.81 views

CVE-2011-2834

Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

6.8CVSS8.2AI score0.01811EPSS
CVE
CVE
added 2012/07/03 7:55 p.m.81 views

CVE-2012-1147

readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.

4.3CVSS7.9AI score0.01082EPSS
CVE
CVE
added 2015/07/03 2:0 a.m.81 views

CVE-2015-3717

Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

7.5CVSS6.5AI score0.01438EPSS
CVE
CVE
added 2017/11/13 3:29 a.m.81 views

CVE-2017-13815

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions before 5.31 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

10CVSS8.3AI score0.01839EPSS
CVE
CVE
added 2017/11/13 3:29 a.m.81 views

CVE-2017-13833

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.2AI score0.00187EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.81 views

CVE-2017-7000

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we...

8.8CVSS8.5AI score0.00615EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.81 views

CVE-2018-4157

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Quick Look" component. A race condition allows attackers to execute arbitrary code in a privileged ...

7.6CVSS7.3AI score0.00152EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.81 views

CVE-2018-4304

A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

5CVSS5.8AI score0.00212EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.81 views

CVE-2018-4371

An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

7.8CVSS6.6AI score0.00259EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.81 views

CVE-2019-8530

This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. A malicious application may be able to overwrite arbitrary files.

5.8CVSS5.7AI score0.0042EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.81 views

CVE-2020-3853

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to execute arbitrary code with system privileges.

9.3CVSS7.6AI score0.00414EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.81 views

CVE-2020-9842

An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform privileged actions.

7.1CVSS6.2AI score0.00331EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.81 views

CVE-2020-9874

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lea...

7.8CVSS8.2AI score0.00424EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.81 views

CVE-2020-9879

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lea...

7.8CVSS8.2AI score0.00424EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.81 views

CVE-2021-1738

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8.3AI score0.00364EPSS
Total number of security vulnerabilities3225