Lucene search

K

985 matches found

CVE
CVE
added 2019/04/03 6:29 p.m.85 views

CVE-2018-4399

An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

5.5CVSS6.1AI score0.00296EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.85 views

CVE-2018-4420

A memory corruption issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

9.3CVSS7.2AI score0.00185EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.85 views

CVE-2019-6207

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.

5.5CVSS5.4AI score0.00656EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.85 views

CVE-2019-8560

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to read restricted memory.

5.5CVSS5.3AI score0.00269EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.85 views

CVE-2019-8706

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may lead to ...

7.8CVSS8.3AI score0.00485EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.85 views

CVE-2020-3872

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to read restricted memory.

5.5CVSS5.1AI score0.00325EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.85 views

CVE-2020-3919

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.6AI score0.00266EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.85 views

CVE-2021-30892

An inherited permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to modify protected parts of the file system.

5.5CVSS5.6AI score0.0192EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.84 views

CVE-2018-4198

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause a denial of service via a crafted text file...

5.5CVSS5.3AI score0.0046EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.84 views

CVE-2018-4463

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.

9.3CVSS7.2AI score0.00171EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.84 views

CVE-2019-6221

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges.

7.8CVSS7.1AI score0.00259EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.84 views

CVE-2019-8756

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 ...

9.8CVSS7.9AI score0.01253EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.84 views

CVE-2020-3910

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8CVSS7.7AI score0.01174EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.84 views

CVE-2020-3911

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8CVSS7.7AI score0.01563EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.84 views

CVE-2020-9791

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted audio file may lead to arbitrary code execution.

9.3CVSS7.6AI score0.00633EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.84 views

CVE-2020-9815

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted audio file may lead to arbitrary code execution.

9.3CVSS7.6AI score0.00633EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.84 views

CVE-2020-9873

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to a...

7.8CVSS8.1AI score0.00424EPSS
CVE
CVE
added 2021/10/28 7:15 p.m.84 views

CVE-2021-30834

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, Security Update 2021-007 Catalina. Processing a malicious audio file may result in unexpected application termination or arbitrary code execution.

7.8CVSS7.8AI score0.00344EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.84 views

CVE-2022-22597

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted file may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00319EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.83 views

CVE-2010-2497

Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

6.8CVSS9.5AI score0.02089EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.83 views

CVE-2018-4331

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

10CVSS7.4AI score0.19923EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.83 views

CVE-2018-4354

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

8.6CVSS7.4AI score0.00335EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.83 views

CVE-2018-4394

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1.

7.8CVSS7.1AI score0.00335EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.83 views

CVE-2019-8521

This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to overwrite arbitrary files.

5.8CVSS5.7AI score0.00356EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.83 views

CVE-2020-3853

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to execute arbitrary code with system privileges.

9.3CVSS7.6AI score0.00414EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.83 views

CVE-2020-9879

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lea...

7.8CVSS8.2AI score0.00424EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.83 views

CVE-2020-9884

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00418EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.83 views

CVE-2020-9945

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, Safari 14.0.1. Visiting a malicious website may lead to address bar spoofing.

4.3CVSS4.5AI score0.0034EPSS
CVE
CVE
added 2015/07/03 2:0 a.m.82 views

CVE-2015-3717

Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

7.5CVSS6.5AI score0.01438EPSS
CVE
CVE
added 2017/12/25 9:29 p.m.82 views

CVE-2017-13847

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.2AI score0.01243EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.82 views

CVE-2018-4157

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Quick Look" component. A race condition allows attackers to execute arbitrary code in a privileged ...

7.6CVSS7.3AI score0.00152EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.82 views

CVE-2018-4304

A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

5CVSS5.8AI score0.00212EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.82 views

CVE-2018-4371

An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

7.8CVSS6.6AI score0.00259EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.82 views

CVE-2018-4456

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14.

9.3CVSS5.9AI score0.00393EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.82 views

CVE-2019-8530

This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. A malicious application may be able to overwrite arbitrary files.

5.8CVSS5.7AI score0.0042EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.82 views

CVE-2020-9842

An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform privileged actions.

7.1CVSS6.2AI score0.00331EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.82 views

CVE-2020-9874

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lea...

7.8CVSS8.2AI score0.00424EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.81 views

CVE-2010-2806

Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based ...

6.8CVSS9.8AI score0.09383EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.81 views

CVE-2010-2807

FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

6.8CVSS9.5AI score0.05194EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.81 views

CVE-2017-7172

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CFNetwork Se...

9.3CVSS7.4AI score0.00546EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.81 views

CVE-2018-4088

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affect...

8.8CVSS7.6AI score0.00673EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.81 views

CVE-2018-4166

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "NSURLSession" component. A race condition allows attackers to execute arbitrary code in a privilege...

7.6CVSS7.3AI score0.00152EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.81 views

CVE-2018-4341

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

8.6CVSS7.4AI score0.00335EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.81 views

CVE-2020-9811

An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A local user may be able to read kernel memory.

5.5CVSS4.8AI score0.00325EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.81 views

CVE-2020-9872

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lea...

7.8CVSS8.2AI score0.00424EPSS
CVE
CVE
added 2020/10/22 7:15 p.m.81 views

CVE-2020-9938

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to a...

7.8CVSS8.1AI score0.00424EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.81 views

CVE-2020-9969

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. A local user may be able to view senstive user information.

5.5CVSS5.1AI score0.00156EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.81 views

CVE-2021-30899

A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.

7.6CVSS6.8AI score0.002EPSS
CVE
CVE
added 2010/03/03 7:30 p.m.80 views

CVE-2010-0205

The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of ser...

4.3CVSS8.8AI score0.08131EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.80 views

CVE-2010-2808

Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font.

6.8CVSS9.8AI score0.07802EPSS
Total number of security vulnerabilities985