Macos Security Vulnerabilities and Issues — Page 10 of Macos CVE List

Lucene search

AppleMacos

2776 matches found

CVE•added 2025/02/10 7:15 p.m.•182 views

CVE-2024-54658

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service.

6.5CVSS6.4AI score0.00152EPSS

CVE•added 2021/09/08 3:15 p.m.•181 views

CVE-2021-1826

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS6.1AI score0.00695EPSS

CVE•added 2021/08/24 2:15 p.m.•181 views

CVE-2021-36690

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed...

7.5CVSS7.6AI score0.00977EPSS

CVE•added 2022/05/26 8:15 p.m.•181 views

CVE-2022-26765

A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

4.7CVSS5.4AI score0.00059EPSS

CVE•added 2021/12/19 5:15 p.m.•180 views

CVE-2021-4136

vim is vulnerable to Heap-based Buffer Overflow

7.8CVSS8.3AI score0.00154EPSS

CVE•added 2022/03/13 6:15 p.m.•180 views

CVE-2022-26981

Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).

7.8CVSS7.8AI score0.00344EPSS

CVE•added 2021/08/24 7:15 p.m.•179 views

CVE-2021-30984

A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

7.5CVSS7.9AI score0.00879EPSS

CVE•added 2022/09/23 7:15 p.m.•179 views

CVE-2022-22624

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00276EPSS

CVE•added 2022/09/23 7:15 p.m.•179 views

CVE-2022-22628

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00127EPSS

CVE•added 2023/02/27 8:15 p.m.•179 views

CVE-2023-23496

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.2AI score0.00198EPSS

CVE•added 2023/05/08 8:15 p.m.•179 views

CVE-2023-27953

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory.

9.8CVSS8AI score0.01419EPSS

CVE•added 2021/08/24 7:15 p.m.•178 views

CVE-2021-30953

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00617EPSS

CVE•added 2023/09/06 9:15 p.m.•178 views

CVE-2023-40397

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution.

9.8CVSS8.6AI score0.01195EPSS

CVE•added 2019/12/18 6:15 p.m.•177 views

CVE-2019-8670

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6, Safari 12.1.2. Visiting a malicious website may lead to address bar spoofing.

4.3CVSS4.9AI score0.00378EPSS

CVE•added 2021/08/24 7:15 p.m.•177 views

CVE-2021-30954

A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS8AI score0.00366EPSS

CVE•added 2023/07/28 5:15 a.m.•177 views

CVE-2023-32444

A logic issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions.

7.5CVSS6.8AI score0.00108EPSS

CVE•added 2021/10/19 2:15 p.m.•176 views

CVE-2021-30848

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

7.8CVSS8AI score0.00898EPSS

CVE•added 2021/08/24 7:15 p.m.•175 views

CVE-2021-30884

The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history.

4.7CVSS5.5AI score0.0028EPSS

CVE•added 2022/05/07 7:15 p.m.•174 views

CVE-2022-1616

Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

7.8CVSS7.9AI score0.00093EPSS

CVE•added 2022/03/18 6:15 p.m.•174 views

CVE-2022-22590

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00308EPSS

CVE•added 2022/11/01 8:15 p.m.•174 views

CVE-2022-26709

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00162EPSS

CVE•added 2021/08/24 7:15 p.m.•172 views

CVE-2021-30951

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.01133EPSS

CVE•added 2022/06/02 2:15 p.m.•172 views

CVE-2022-1968

Use After Free in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.7AI score0.00129EPSS

CVE•added 2023/08/14 11:15 p.m.•170 views

CVE-2023-28198

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00055EPSS

CVE•added 2022/03/18 6:15 p.m.•168 views

CVE-2022-22594

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.

6.5CVSS6.4AI score0.00113EPSS

CVE•added 2022/01/06 5:15 p.m.•167 views

CVE-2022-0128

vim is vulnerable to Out-of-bounds Read

7.8CVSS7.6AI score0.00239EPSS

CVE•added 2022/06/10 7:15 p.m.•166 views

CVE-2022-2042

Use After Free in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.6AI score0.00122EPSS

CVE•added 2022/05/17 5:15 p.m.•165 views

CVE-2022-1733

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.

7.8CVSS7.1AI score0.00038EPSS

CVE•added 2022/12/15 7:15 p.m.•165 views

CVE-2022-42852

The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory.

6.5CVSS6.3AI score0.00414EPSS

CVE•added 2022/04/12 6:15 p.m.•164 views

CVE-2021-28544

Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom...

4.3CVSS5.7AI score0.0017EPSS

CVE•added 2022/12/15 7:15 p.m.•164 views

CVE-2022-46699

A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00447EPSS

CVE•added 2023/02/27 8:15 p.m.•164 views

CVE-2023-23524

A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service.

7.5CVSS6.4AI score0.00093EPSS

CVE•added 2023/07/27 1:15 a.m.•164 views

CVE-2023-32393

The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.00237EPSS

CVE•added 2022/03/18 6:15 p.m.•162 views

CVE-2022-22660

This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An app may be able to spoof system notifications and UI.

5.5CVSS6.1AI score0.00267EPSS

CVE•added 2021/12/27 1:15 p.m.•161 views

CVE-2021-4173

vim is vulnerable to Use After Free

7.8CVSS7.4AI score0.00206EPSS

CVE•added 2022/11/01 8:15 p.m.•161 views

CVE-2022-26716

A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00154EPSS

CVE•added 2022/12/15 7:15 p.m.•160 views

CVE-2022-46700

A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00447EPSS

CVE•added 2023/09/05 7:15 p.m.•160 views

CVE-2023-4781

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.

7.8CVSS7.7AI score0.00031EPSS

CVE•added 2025/01/27 10:15 p.m.•159 views

CVE-2025-24150

A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection.

8.8CVSS6.1AI score0.00195EPSS

CVE•added 2021/12/29 5:15 p.m.•158 views

CVE-2021-4187

vim is vulnerable to Use After Free

7.8CVSS7.9AI score0.00354EPSS

CVE•added 2022/02/10 10:15 p.m.•158 views

CVE-2022-0554

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.

8.4CVSS8.2AI score0.00294EPSS

CVE•added 2022/05/08 10:15 a.m.•158 views

CVE-2022-1619

Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution

7.8CVSS7.3AI score0.00387EPSS

CVE•added 2022/03/18 6:15 p.m.•158 views

CVE-2022-22589

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.

6.1CVSS6.2AI score0.00344EPSS

CVE•added 2023/05/26 9:15 p.m.•157 views

CVE-2023-28320

A denial of service vulnerability exists in curl

5.9CVSS6.3AI score0.00641EPSS

CVE•added 2020/04/17 6:15 p.m.•156 views

CVE-2019-6203

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic.

9.8CVSS7.5AI score0.07524EPSS

CVE•added 2022/05/26 6:15 p.m.•156 views

CVE-2022-22676

An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission.

5.5CVSS5.2AI score0.00246EPSS

CVE•added 2022/11/01 8:15 p.m.•154 views

CVE-2022-26719

8.8CVSS8.6AI score0.00154EPSS

CVE•added 2025/03/31 11:15 p.m.•154 views

CVE-2025-30427

A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.3CVSS5.9AI score0.00055EPSS

CVE•added 2022/01/10 4:15 p.m.•153 views

CVE-2022-0156

vim is vulnerable to Use After Free

6.8CVSS6.3AI score0.00123EPSS

CVE•added 2022/11/01 8:15 p.m.•153 views

CVE-2022-22677

A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call.

4.3CVSS4.8AI score0.00152EPSS

Total number of security vulnerabilities2776