Lucene search

K

985 matches found

CVE
CVE
added 2020/06/09 5:15 p.m.99 views

CVE-2020-9789

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lea...

9.3CVSS8AI score0.0135EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.99 views

CVE-2020-9999

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00688EPSS
CVE
CVE
added 2015/05/13 10:59 a.m.98 views

CVE-2014-9160

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code via unknown vectors.

10CVSS7.5AI score0.45307EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.98 views

CVE-2019-8552

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to elevate privileges.

7.8CVSS6.9AI score0.00352EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.98 views

CVE-2019-8685

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may l...

9.3CVSS8.4AI score0.00974EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.98 views

CVE-2020-3826

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lead ...

7.8CVSS7.7AI score0.00504EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.98 views

CVE-2021-30859

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.2AI score0.00268EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.98 views

CVE-2021-30911

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, iOS 15.1 and iPadOS 15.1, macOS Big Sur 11.6.1. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS5.2AI score0.00264EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.98 views

CVE-2021-30916

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with ke...

9.3CVSS7.4AI score0.00387EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.98 views

CVE-2021-30917

A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Su...

7.8CVSS7.6AI score0.00493EPSS
CVE
CVE
added 2022/05/26 8:15 p.m.98 views

CVE-2022-26746

This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.

5.5CVSS6.3AI score0.00271EPSS
CVE
CVE
added 2011/06/06 7:55 p.m.97 views

CVE-2011-1752

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.

5CVSS6.2AI score0.06608EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.97 views

CVE-2019-6214

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox.

8.6CVSS6.7AI score0.08868EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.97 views

CVE-2019-8661

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.6. A remote attacker may be able to cause arbitrary code execution.

9.8CVSS8.4AI score0.08047EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.97 views

CVE-2020-3838

The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.

9.3CVSS8AI score0.00399EPSS
CVE
CVE
added 2011/08/29 3:55 p.m.96 views

CVE-2011-2821

Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.

7.5CVSS8.7AI score0.02282EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.96 views

CVE-2018-4224

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" ...

5.5CVSS5.4AI score0.00044EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.96 views

CVE-2019-8834

A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud...

4.3CVSS4.9AI score0.00317EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.96 views

CVE-2020-9877

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to ar...

7.8CVSS8.1AI score0.00424EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.95 views

CVE-2017-13904

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS7.3AI score0.00386EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.95 views

CVE-2019-6205

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes.

7.8CVSS6.8AI score0.09194EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.95 views

CVE-2019-6208

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes.

5.5CVSS5.3AI score0.06471EPSS
CVE
CVE
added 2020/02/28 2:15 p.m.95 views

CVE-2019-8741

A denial of service issue was addressed with improved input validation.

7.8CVSS7.8AI score0.01512EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.95 views

CVE-2020-3830

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be able to overwrite arbitrary files.

3.6CVSS5.1AI score0.00181EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.95 views

CVE-2020-3846

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted XML may lead to an une...

8.8CVSS8AI score0.00773EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.95 views

CVE-2021-30907

An integer overflow was addressed through improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to elevate ...

7.8CVSS6.8AI score0.00491EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.95 views

CVE-2021-30915

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A person with physical access to an iOS device may be able to determine characteristic...

2.4CVSS3.5AI score0.00112EPSS
CVE
CVE
added 2017/12/25 9:29 p.m.94 views

CVE-2017-13868

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted ap...

5.5CVSS4.8AI score0.09858EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.94 views

CVE-2018-4235

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows local users to perform impersonation attacks via an unspecified in...

5.5CVSS5.5AI score0.00181EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.94 views

CVE-2019-8600

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution.

9.8CVSS8.5AI score0.03382EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.94 views

CVE-2020-3866

This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Catalina 10.15.3. Searching for and opening a file from an attacker controlled NFS mount may bypass Gatekeeper.

5.5CVSS6.1AI score0.00217EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.94 views

CVE-2021-30857

A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges.

7.6CVSS7.1AI score0.00237EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.94 views

CVE-2021-30909

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. An application may be able to execute arbitra...

9.3CVSS7.4AI score0.00576EPSS
CVE
CVE
added 2022/09/23 7:15 p.m.94 views

CVE-2022-32849

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information.

5.5CVSS5.7AI score0.00038EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.93 views

CVE-2017-7162

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a ...

9.3CVSS7.3AI score0.00244EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.93 views

CVE-2018-4139

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.7AI score0.01266EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.93 views

CVE-2018-4223

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a pe...

5.5CVSS5.3AI score0.00072EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.93 views

CVE-2019-6209

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout.

5.5CVSS4.9AI score0.05053EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.93 views

CVE-2019-6218

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.4AI score0.06799EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.93 views

CVE-2019-8830

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iOS 12.4.4, watchOS 5.3.4. Processing malicious video via...

9.3CVSS7.7AI score0.01747EPSS
CVE
CVE
added 2020/10/27 9:15 p.m.93 views

CVE-2019-8856

An API issue existed in the handling of outgoing phone calls initiated with Siri. This issue was addressed with improved state handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra....

4.3CVSS4.1AI score0.0021EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.93 views

CVE-2020-3857

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.

7.8CVSS7.6AI score0.00226EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.93 views

CVE-2020-9827

A denial of service issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A remote attacker may be able to cause a denial of service.

7.5CVSS6.7AI score0.00821EPSS
CVE
CVE
added 2021/10/28 7:15 p.m.93 views

CVE-2021-30821

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00292EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.93 views

CVE-2021-30881

An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Unpacking a maliciously crafted archive may lead to arbitrary code executio...

7.8CVSS7.4AI score0.00574EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.92 views

CVE-2017-7000

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we...

8.8CVSS8.5AI score0.00615EPSS
CVE
CVE
added 2017/07/20 4:29 p.m.92 views

CVE-2017-7047

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or c...

8.8CVSS7.7AI score0.22491EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.92 views

CVE-2019-8786

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00477EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.92 views

CVE-2019-8829

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6.1, tvOS 13.2, iOS 13.2 and iPadOS 13.2. An application may be able to execute arbitrary code with kernel privileges...

9.3CVSS7.8AI score0.00182EPSS
CVE
CVE
added 2022/05/26 7:15 p.m.92 views

CVE-2022-26715

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges.

9.3CVSS7.7AI score0.00151EPSS
Total number of security vulnerabilities985