Lucene search

K
AppleMac Os X

3225 matches found

CVE
CVE
added 2022/09/23 7:15 p.m.101 views

CVE-2022-32842

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. An app may be able to gain elevated privileges.

7.8CVSS7.5AI score0.00034EPSS
CVE
CVE
added 2016/05/20 10:59 a.m.100 views

CVE-2016-1838

The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

5.5CVSS6.3AI score0.03485EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.100 views

CVE-2020-9790

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lea...

9.3CVSS8AI score0.0135EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.100 views

CVE-2020-9876

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Opening a maliciously crafted PDF file may lea...

7.8CVSS7.9AI score0.00683EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.100 views

CVE-2021-30715

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted message may lead to a denial of service.

7.5CVSS6.7AI score0.00653EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.100 views

CVE-2021-30910

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted file may disclose user information.

5.5CVSS5.2AI score0.00327EPSS
CVE
CVE
added 2008/11/21 2:30 a.m.99 views

CVE-2008-5183

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184.

7.5CVSS7.3AI score0.01973EPSS
CVE
CVE
added 2012/07/03 7:55 p.m.99 views

CVE-2012-1148

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.

5CVSS7.9AI score0.01442EPSS
CVE
CVE
added 2015/05/13 10:59 a.m.99 views

CVE-2015-3052

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE...

10CVSS7.6AI score0.10445EPSS
CVE
CVE
added 2016/09/25 10:59 a.m.99 views

CVE-2016-4694

The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an applicati...

9.1CVSS7.7AI score0.7312EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.99 views

CVE-2019-6224

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution.

8.8CVSS7.9AI score0.35793EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.99 views

CVE-2021-30677

This issue was addressed with improved environment sanitization. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to break out of its sandbox.

8.8CVSS7.5AI score0.00102EPSS
CVE
CVE
added 2021/10/19 2:15 p.m.99 views

CVE-2021-30843

This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.

7.8CVSS7.7AI score0.0027EPSS
CVE
CVE
added 2016/03/24 1:59 a.m.98 views

CVE-2016-1764

The Content Security Policy (CSP) implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL.

4.3CVSS4.1AI score0.06683EPSS
CVE
CVE
added 2016/05/20 10:59 a.m.98 views

CVE-2016-1836

Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.

5.5CVSS6.5AI score0.01468EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.98 views

CVE-2020-9789

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lea...

9.3CVSS8AI score0.0135EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.98 views

CVE-2020-9954

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 7.0, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Playing a malicious audio file may lead to arbitrary code exec...

7.8CVSS7.5AI score0.0086EPSS
CVE
CVE
added 2020/10/27 9:15 p.m.98 views

CVE-2020-9961

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.4AI score0.00275EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.98 views

CVE-2020-9999

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00688EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.98 views

CVE-2021-1744

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code exe...

9.3CVSS8.2AI score0.00251EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.98 views

CVE-2021-1882

A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to gain elevated privileges.

9.8CVSS8.2AI score0.00871EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.98 views

CVE-2021-30685

This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Parsing a maliciously crafted audio file may lead to disclosure of user information.

5.5CVSS5.4AI score0.00296EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.98 views

CVE-2021-30793

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.

10CVSS8.5AI score0.01613EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.98 views

CVE-2022-22648

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to read restricted memory.

5.5CVSS5.2AI score0.00159EPSS
CVE
CVE
added 2016/05/20 10:59 a.m.97 views

CVE-2016-1835

Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.

8.8CVSS7.2AI score0.04733EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.97 views

CVE-2019-8552

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to elevate privileges.

7.8CVSS6.9AI score0.00352EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.97 views

CVE-2019-8685

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may l...

9.3CVSS8.4AI score0.00974EPSS
CVE
CVE
added 2021/04/02 7:15 p.m.97 views

CVE-2021-1790

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted font may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00306EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.97 views

CVE-2021-1851

A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.2AI score0.00913EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.97 views

CVE-2021-30785

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.9AI score0.00695EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.97 views

CVE-2021-30911

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, iOS 15.1 and iPadOS 15.1, macOS Big Sur 11.6.1. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS5.2AI score0.00264EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.97 views

CVE-2021-30916

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with ke...

9.3CVSS7.4AI score0.00525EPSS
CVE
CVE
added 2022/05/26 8:15 p.m.97 views

CVE-2022-26746

This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.

5.5CVSS6.3AI score0.00271EPSS
CVE
CVE
added 2009/04/09 12:30 a.m.96 views

CVE-2009-0846

The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding th...

10CVSS7.5AI score0.23588EPSS
CVE
CVE
added 2015/05/13 10:59 a.m.96 views

CVE-2014-9160

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code via unknown vectors.

10CVSS7.5AI score0.45307EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.96 views

CVE-2019-8661

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.6. A remote attacker may be able to cause arbitrary code execution.

9.8CVSS8.4AI score0.08047EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.96 views

CVE-2020-3826

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lead ...

7.8CVSS7.7AI score0.00504EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.96 views

CVE-2020-3838

The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.

9.3CVSS8AI score0.00399EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.96 views

CVE-2021-30652

A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to gain root privileges.

7.6CVSS7AI score0.00225EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.96 views

CVE-2021-30705

This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted ASTC file may disclose memory contents.

5.5CVSS5.8AI score0.00259EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.96 views

CVE-2021-30723

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS5.5AI score0.00269EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.96 views

CVE-2021-30859

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.2AI score0.00268EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.96 views

CVE-2021-30905

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina. Processing a maliciously crafted file may disclose user information.

5.5CVSS5.2AI score0.00321EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.96 views

CVE-2021-30917

A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Su...

7.8CVSS7.6AI score0.00669EPSS
CVE
CVE
added 2022/09/23 7:15 p.m.96 views

CVE-2022-32820

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS8AI score0.00137EPSS
CVE
CVE
added 2007/02/01 12:28 a.m.95 views

CVE-2007-0646

Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10, allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSRunCriticalAlertPanel Apple AppK...

7.1CVSS6.9AI score0.16243EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.95 views

CVE-2019-6214

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox.

8.6CVSS6.7AI score0.08868EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.95 views

CVE-2019-8834

A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud...

4.3CVSS4.9AI score0.00317EPSS
CVE
CVE
added 2020/12/03 6:15 p.m.95 views

CVE-2020-13524

An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, the victim ...

6.3CVSS6.3AI score0.00411EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.95 views

CVE-2020-9877

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to ar...

7.8CVSS8.1AI score0.00424EPSS
Total number of security vulnerabilities3225