Lucene search

K
AppleMac Os X

3225 matches found

CVE
CVE
added 2006/09/06 12:4 a.m.107 views

CVE-2006-4095

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

7.5CVSS7.4AI score0.09412EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.107 views

CVE-2016-7612

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory c...

9.3CVSS6.8AI score0.01352EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.107 views

CVE-2018-4227

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Mail" component. It allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration.

7.5CVSS6AI score0.00613EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.107 views

CVE-2020-3870

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.6AI score0.00613EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.107 views

CVE-2020-9794

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A malicious application may cause a denial of service...

8.1CVSS7AI score0.00959EPSS
CVE
CVE
added 2021/04/02 7:15 p.m.107 views

CVE-2021-1818

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause unexpected application termination or a...

9.8CVSS8.2AI score0.03783EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.107 views

CVE-2021-30919

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted PDF may lead t...

7.8CVSS7.5AI score0.00601EPSS
CVE
CVE
added 2022/09/23 7:15 p.m.107 views

CVE-2022-32787

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. Processing maliciously crafted web content may lead to arbitrary code exec...

8.8CVSS8.7AI score0.0013EPSS
CVE
CVE
added 2021/04/02 7:15 p.m.106 views

CVE-2021-1761

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause a denial of service.

7.5CVSS6.5AI score0.01185EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.106 views

CVE-2021-30724

This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local attacker may be able to elevate their privileges.

7.8CVSS7AI score0.00207EPSS
CVE
CVE
added 2015/11/17 3:59 p.m.105 views

CVE-2015-7995

The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.

5CVSS6.1AI score0.03037EPSS
CVE
CVE
added 2016/05/20 10:59 a.m.105 views

CVE-2016-1840

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a cr...

7.8CVSS8.6AI score0.0103EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.105 views

CVE-2018-4241

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary ...

9.3CVSS7AI score0.32986EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.105 views

CVE-2019-8802

A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15.1. A malicious application may be able to gain root privileges.

9.3CVSS6.8AI score0.00288EPSS
CVE
CVE
added 2022/05/26 8:15 p.m.105 views

CVE-2022-26756

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.1AI score0.00292EPSS
CVE
CVE
added 2022/05/26 8:15 p.m.105 views

CVE-2022-26757

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.04042EPSS
CVE
CVE
added 2022/09/23 7:15 p.m.105 views

CVE-2022-32826

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.

7.8CVSS7.4AI score0.00031EPSS
CVE
CVE
added 2022/08/24 8:15 p.m.105 views

CVE-2022-32857

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user’s activi...

4.3CVSS5.3AI score0.00026EPSS
CVE
CVE
added 2013/03/05 9:38 p.m.104 views

CVE-2013-1775

sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.

6.9CVSS8.1AI score0.02226EPSS
CVE
CVE
added 2014/09/19 10:55 a.m.104 views

CVE-2014-4416

An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CV...

6.9CVSS7.2AI score0.00257EPSS
CVE
CVE
added 2016/05/20 10:59 a.m.104 views

CVE-2016-1837

Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a cr...

5.5CVSS6.6AI score0.00717EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.104 views

CVE-2017-2370

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or c...

9.3CVSS6.8AI score0.72581EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.104 views

CVE-2019-6213

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.3AI score0.06188EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.104 views

CVE-2019-8591

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory.

8.8CVSS6.1AI score0.07151EPSS
CVE
CVE
added 2021/04/02 7:15 p.m.104 views

CVE-2021-1793

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8AI score0.00462EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.104 views

CVE-2021-1857

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing...

6.5CVSS6.5AI score0.00605EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.104 views

CVE-2022-22656

An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen.

3.3CVSS4.6AI score0.00148EPSS
CVE
CVE
added 2014/11/18 3:59 p.m.103 views

CVE-2014-3620

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.

5CVSS7.1AI score0.01666EPSS
CVE
CVE
added 2015/04/24 2:59 p.m.103 views

CVE-2015-3145

The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote cha...

7.5CVSS9.4AI score0.65095EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.103 views

CVE-2016-7659

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and appl...

8.8CVSS7.8AI score0.00885EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.103 views

CVE-2020-9839

A race condition was addressed with improved state handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to gain elevated privileges.

7CVSS6.6AI score0.42287EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.103 views

CVE-2021-1811

A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing a maliciously ...

6.5CVSS6.3AI score0.00605EPSS
CVE
CVE
added 2021/10/19 2:15 p.m.103 views

CVE-2021-30835

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.9AI score0.00402EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.103 views

CVE-2021-30949

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to execute arbitrary code with kernel pr...

9.3CVSS7.8AI score0.00564EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.103 views

CVE-2022-22625

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memo...

7.1CVSS6.2AI score0.00368EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.103 views

CVE-2022-22647

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A person with access to a Mac may be able to bypass Login Window.

4.6CVSS4.9AI score0.00102EPSS
CVE
CVE
added 2022/08/24 8:15 p.m.103 views

CVE-2022-32838

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6. An app may be able to read arbitrary files.

5.5CVSS5.8AI score0.00043EPSS
CVE
CVE
added 2015/05/25 10:59 p.m.102 views

CVE-2014-8147

The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service...

7.5CVSS9.4AI score0.4041EPSS
CVE
CVE
added 2016/05/20 10:59 a.m.102 views

CVE-2016-1833

The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

5.5CVSS6.3AI score0.00399EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.102 views

CVE-2016-7633

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Directory Services" component. It allows local users to gain privileges or cause a denial of service (use-after-free) via unspecified vectors.

7.8CVSS6.2AI score0.00171EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.102 views

CVE-2020-29618

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may le...

7.8CVSS7.7AI score0.00849EPSS
CVE
CVE
added 2020/12/08 10:15 p.m.102 views

CVE-2020-9991

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iCloud for Windows 7.21, tvOS 14.0. A remote attacker may be able to cause a denial of service.

7.5CVSS6.1AI score0.02136EPSS
CVE
CVE
added 2021/04/02 7:15 p.m.102 views

CVE-2021-1805

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.4AI score0.00334EPSS
CVE
CVE
added 2022/05/26 8:15 p.m.102 views

CVE-2022-26748

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.8AI score0.00693EPSS
CVE
CVE
added 2022/05/26 8:15 p.m.102 views

CVE-2022-26761

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.2AI score0.00213EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.101 views

CVE-2018-4243

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code...

9.3CVSS7AI score0.32008EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.101 views

CVE-2019-8514

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges.

7.8CVSS7.2AI score0.05033EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.101 views

CVE-2019-8660

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8CVSS8.5AI score0.04676EPSS
CVE
CVE
added 2020/10/27 9:15 p.m.101 views

CVE-2019-8848

This issue was addressed with improved checks. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. ...

7.8CVSS7.1AI score0.00297EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.101 views

CVE-2022-22661

A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.6AI score0.00246EPSS
Total number of security vulnerabilities3225