Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
AppleMac Os X10.15.7

398 matches found

CVE
CVEadded 2022/03/14 11:15 a.m.7594 views

CVE-2022-22720

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

9.8CVSS9.4AI score0.3179EPSS
CVE
CVEadded 2021/12/20 12:15 p.m.6726 views

CVE-2021-44790

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earl...

9.8CVSS9.9AI score0.85858EPSS
CVE
CVEadded 2022/03/25 9:15 a.m.3061 views

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

7.5CVSS8.1AI score0.00095EPSS
CVE
CVEadded 2021/12/20 12:15 p.m.2483 views

CVE-2021-44224

A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forger...

8.2CVSS8.7AI score0.11965EPSS
CVE
CVEadded 2022/03/14 11:15 a.m.2333 views

CVE-2022-22721

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

9.1CVSS9.4AI score0.23333EPSS
CVE
CVEadded 2022/03/14 11:15 a.m.2000 views

CVE-2022-22719

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.

7.5CVSS8.7AI score0.34984EPSS
CVE
CVEadded 2022/07/28 2:15 a.m.1581 views

CVE-2022-2294

Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.3AI score0.02193EPSS
CVE
CVEadded 2021/04/02 6:15 p.m.1342 views

CVE-2021-1789

A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to a...

8.8CVSS8.6AI score0.00238EPSS
CVE
CVEadded 2021/04/02 7:15 p.m.1256 views

CVE-2021-1871

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issu...

9.8CVSS8.6AI score0.00997EPSS
CVE
CVEadded 2021/04/02 7:15 p.m.1250 views

CVE-2021-1870

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issu...

9.8CVSS8.6AI score0.00524EPSS
CVE
CVEadded 2021/08/24 7:15 p.m.1244 views

CVE-2021-30860

An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this is...

7.8CVSS6.5AI score0.69382EPSS
CVE
CVEadded 2022/05/26 6:15 p.m.1221 views

CVE-2022-22674

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory.

5.5CVSS5.9AI score0.00145EPSS
CVE
CVEadded 2021/09/08 3:15 p.m.1097 views

CVE-2021-30713

A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited..

7.8CVSS6.8AI score0.00127EPSS
CVE
CVEadded 2021/08/24 7:15 p.m.1092 views

CVE-2021-30869

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 12.5.5, iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, Security Update 2021-006 Catalina. A malicious application may be able to execute a...

9.3CVSS7.7AI score0.04229EPSS
CVE
CVEadded 2021/09/08 3:15 p.m.1069 views

CVE-2021-30657

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited..

5.5CVSS6.2AI score0.73512EPSS
CVE
CVEadded 2021/04/02 6:15 p.m.1041 views

CVE-2021-1782

A race condition was addressed with improved locking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application may be able to elevate privileges. Apple is aware of a repor...

7CVSS7AI score0.06092EPSS
CVE
CVEadded 2022/05/26 6:15 p.m.1017 views

CVE-2022-26691

A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.

7.2CVSS6.1AI score0.00011EPSS
CVE
CVEadded 2021/08/24 7:15 p.m.733 views

CVE-2021-31010

A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report that ...

7.5CVSS6.7AI score0.01359EPSS
CVE
CVEadded 2023/02/27 8:15 p.m.498 views

CVE-2022-22582

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5, macOS Monterey 12.3. A local user may be able to write arbitrary files.

5.5CVSS4.5AI score0.03054EPSS
CVE
CVEadded 2020/12/14 8:15 p.m.492 views

CVE-2020-8286

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

7.5CVSS7.6AI score0.00161EPSS
CVE
CVEadded 2022/02/26 5:15 a.m.410 views

CVE-2022-23308

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

7.5CVSS7.7AI score0.00044EPSS
CVE
CVEadded 2021/08/05 9:15 p.m.408 views

CVE-2021-22925

curl supports the -t command line option, known as CURLOPT_TELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending NEW_ENV variables, libcurlcould be made to pass on uninitialized data from a stack based b...

5.3CVSS6.3AI score0.00453EPSS
CVE
CVEadded 2020/12/14 8:15 p.m.349 views

CVE-2020-8284

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service bann...

4.3CVSS6AI score0.00067EPSS
CVE
CVEadded 2020/11/04 6:15 p.m.340 views

CVE-2020-8037

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.

7.5CVSS7.5AI score0.00273EPSS
CVE
CVEadded 2022/02/09 11:15 p.m.336 views

CVE-2022-0530

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

5.5CVSS5.3AI score0.00123EPSS
CVE
CVEadded 2020/12/14 8:15 p.m.297 views

CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

7.5CVSS7.7AI score0.00624EPSS
CVE
CVEadded 2021/05/18 12:15 p.m.291 views

CVE-2020-25709

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.

7.5CVSS7.2AI score0.0372EPSS
CVE
CVEadded 2021/04/02 6:15 p.m.289 views

CVE-2021-1788

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead t...

8.8CVSS8.4AI score0.00833EPSS
CVE
CVEadded 2022/02/14 12:15 p.m.274 views

CVE-2021-45444

In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.

7.8CVSS7.8AI score0.00094EPSS
CVE
CVEadded 2021/04/02 6:15 p.m.266 views

CVE-2020-29623

"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete b...

3.3CVSS4.9AI score0.00053EPSS
CVE
CVEadded 2021/12/31 3:15 p.m.264 views

CVE-2021-4192

vim is vulnerable to Use After Free

7.8CVSS7.1AI score0.00329EPSS
CVE
CVEadded 2021/04/02 6:15 p.m.261 views

CVE-2021-1765

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy.

6.5CVSS7AI score0.00085EPSS
CVE
CVEadded 2021/12/31 4:15 p.m.249 views

CVE-2021-4193

vim is vulnerable to Out-of-bounds Read

5.5CVSS7.1AI score0.00325EPSS
CVE
CVEadded 2021/09/08 2:15 p.m.229 views

CVE-2021-30799

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS8.8AI score0.01039EPSS
CVE
CVEadded 2021/12/25 7:15 p.m.219 views

CVE-2021-4166

vim is vulnerable to Out-of-bounds Read

7.1CVSS8.1AI score0.00224EPSS
CVE
CVEadded 2022/05/26 7:15 p.m.200 views

CVE-2022-26722

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges.

9.3CVSS8AI score0.00173EPSS
CVE
CVEadded 2022/05/26 8:15 p.m.198 views

CVE-2022-26751

A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execut...

7.8CVSS8.3AI score0.00627EPSS
CVE
CVEadded 2022/09/23 7:15 p.m.198 views

CVE-2022-32823

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to leak sensitive user information.

5.5CVSS5.6AI score0.00033EPSS
CVE
CVEadded 2022/03/18 6:15 p.m.183 views

CVE-2022-22631

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges.

7.8CVSS7.3AI score0.00147EPSS
CVE
CVEadded 2021/12/19 5:15 p.m.178 views

CVE-2021-4136

vim is vulnerable to Heap-based Buffer Overflow

7.8CVSS8.3AI score0.00154EPSS
CVE
CVEadded 2022/05/26 6:15 p.m.171 views

CVE-2022-22662

A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information.

6.5CVSS6.4AI score0.00207EPSS
CVE
CVEadded 2022/01/06 5:15 p.m.165 views

CVE-2022-0128

vim is vulnerable to Out-of-bounds Read

7.8CVSS7.6AI score0.00239EPSS
CVE
CVEadded 2021/12/27 1:15 p.m.159 views

CVE-2021-4173

vim is vulnerable to Use After Free

7.8CVSS7.4AI score0.00191EPSS
CVE
CVEadded 2021/12/29 5:15 p.m.156 views

CVE-2021-4187

vim is vulnerable to Use After Free

7.8CVSS7.9AI score0.00245EPSS
CVE
CVEadded 2022/03/18 6:15 p.m.147 views

CVE-2022-22638

A null pointer dereference was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An attacker in a privileged position may be able to perform a denial of service a...

6.5CVSS6.1AI score0.00217EPSS
CVE
CVEadded 2022/03/18 6:15 p.m.145 views

CVE-2022-22589

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.

6.1CVSS6.2AI score0.00286EPSS
CVE
CVEadded 2022/11/01 8:15 p.m.144 views

CVE-2022-32910

A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.

7.5CVSS7.3AI score0.00155EPSS
CVE
CVEadded 2022/05/26 8:15 p.m.143 views

CVE-2022-26770

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.00266EPSS
CVE
CVEadded 2022/05/26 7:15 p.m.141 views

CVE-2022-26727

This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. A malicious application may be able to modify protected parts of the file system.

5.5CVSS5.9AI score0.00169EPSS
CVE
CVEadded 2022/09/23 7:15 p.m.139 views

CVE-2022-32832

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges.

6.7CVSS7.3AI score0.03849EPSS
Total number of security vulnerabilities398