Macos@* Security Vulnerabilities and Issues — Page 10 of Macos@* CVE List

Lucene search

AppleMacos*

2754 matches found

CVE•added 2023/05/08 8:15 p.m.•179 views

CVE-2023-27953

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory.

9.8CVSS8AI score0.01419EPSS

CVE•added 2021/08/24 7:15 p.m.•178 views

CVE-2021-30953

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00617EPSS

CVE•added 2023/09/06 9:15 p.m.•178 views

CVE-2023-40397

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution.

9.8CVSS8.6AI score0.01195EPSS

CVE•added 2019/12/18 6:15 p.m.•177 views

CVE-2019-8670

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6, Safari 12.1.2. Visiting a malicious website may lead to address bar spoofing.

4.3CVSS4.9AI score0.00378EPSS

CVE•added 2021/08/24 7:15 p.m.•177 views

CVE-2021-30954

A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS8AI score0.00366EPSS

CVE•added 2023/07/28 5:15 a.m.•177 views

CVE-2023-32444

A logic issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions.

7.5CVSS6.8AI score0.00108EPSS

CVE•added 2021/10/19 2:15 p.m.•176 views

CVE-2021-30848

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

7.8CVSS8AI score0.00898EPSS

CVE•added 2021/08/24 7:15 p.m.•175 views

CVE-2021-30884

The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history.

4.7CVSS5.5AI score0.0028EPSS

CVE•added 2022/05/07 7:15 p.m.•174 views

CVE-2022-1616

Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

7.8CVSS7.9AI score0.00088EPSS

CVE•added 2022/03/18 6:15 p.m.•174 views

CVE-2022-22590

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00308EPSS

CVE•added 2022/11/01 8:15 p.m.•174 views

CVE-2022-26709

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00162EPSS

CVE•added 2021/08/24 7:15 p.m.•172 views

CVE-2021-30951

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.01133EPSS

CVE•added 2022/06/02 2:15 p.m.•172 views

CVE-2022-1968

Use After Free in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.7AI score0.00129EPSS

CVE•added 2023/08/14 11:15 p.m.•170 views

CVE-2023-28198

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00055EPSS

CVE•added 2022/03/18 6:15 p.m.•168 views

CVE-2022-22594

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.

6.5CVSS6.4AI score0.00113EPSS

CVE•added 2022/01/06 5:15 p.m.•167 views

CVE-2022-0128

vim is vulnerable to Out-of-bounds Read

7.8CVSS7.6AI score0.00239EPSS

CVE•added 2022/06/10 7:15 p.m.•166 views

CVE-2022-2042

Use After Free in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.6AI score0.00122EPSS

CVE•added 2022/05/17 5:15 p.m.•165 views

CVE-2022-1733

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.

7.8CVSS7.1AI score0.00038EPSS

CVE•added 2022/04/12 6:15 p.m.•164 views

CVE-2021-28544

Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom...

4.3CVSS5.7AI score0.0017EPSS

CVE•added 2022/12/15 7:15 p.m.•164 views

CVE-2022-46699

A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00447EPSS

CVE•added 2023/02/27 8:15 p.m.•164 views

CVE-2023-23524

A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service.

7.5CVSS6.4AI score0.00093EPSS

CVE•added 2023/07/27 1:15 a.m.•164 views

CVE-2023-32393

The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.00237EPSS

CVE•added 2022/03/18 6:15 p.m.•162 views

CVE-2022-22660

This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An app may be able to spoof system notifications and UI.

5.5CVSS6.1AI score0.00267EPSS

CVE•added 2021/12/27 1:15 p.m.•161 views

CVE-2021-4173

vim is vulnerable to Use After Free

7.8CVSS7.4AI score0.00206EPSS

CVE•added 2022/11/01 8:15 p.m.•161 views

CVE-2022-26716

A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00154EPSS

CVE•added 2023/09/05 7:15 p.m.•160 views

CVE-2023-4781

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.

7.8CVSS7.7AI score0.00031EPSS

CVE•added 2025/01/27 10:15 p.m.•159 views

CVE-2025-24150

A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection.

8.8CVSS6.1AI score0.00195EPSS

CVE•added 2021/12/29 5:15 p.m.•158 views

CVE-2021-4187

vim is vulnerable to Use After Free

7.8CVSS7.9AI score0.00354EPSS

CVE•added 2022/02/10 10:15 p.m.•158 views

CVE-2022-0554

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.

8.4CVSS8.2AI score0.00294EPSS

CVE•added 2022/05/08 10:15 a.m.•158 views

CVE-2022-1619

Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution

7.8CVSS7.3AI score0.00387EPSS

CVE•added 2022/03/18 6:15 p.m.•158 views

CVE-2022-22589

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.

6.1CVSS6.2AI score0.00344EPSS

CVE•added 2020/04/17 6:15 p.m.•156 views

CVE-2019-6203

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic.

9.8CVSS7.5AI score0.07524EPSS

CVE•added 2022/05/26 6:15 p.m.•156 views

CVE-2022-22676

An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission.

5.5CVSS5.2AI score0.00246EPSS

CVE•added 2023/05/26 9:15 p.m.•156 views

CVE-2023-28320

A denial of service vulnerability exists in curl

5.9CVSS6.3AI score0.00641EPSS

CVE•added 2022/11/01 8:15 p.m.•154 views

CVE-2022-26719

8.8CVSS8.6AI score0.00154EPSS

CVE•added 2022/01/10 4:15 p.m.•153 views

CVE-2022-0156

vim is vulnerable to Use After Free

6.8CVSS6.3AI score0.00123EPSS

CVE•added 2022/11/01 8:15 p.m.•153 views

CVE-2022-22677

A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call.

4.3CVSS4.8AI score0.00152EPSS

CVE•added 2022/05/26 7:15 p.m.•153 views

CVE-2022-26736

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.00271EPSS

CVE•added 2022/12/15 7:15 p.m.•153 views

CVE-2022-42863

8.8CVSS8.6AI score0.00532EPSS

CVE•added 2021/08/24 7:15 p.m.•152 views

CVE-2021-30897

An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin.

6.5CVSS7.1AI score0.00254EPSS

CVE•added 2022/06/19 12:15 p.m.•152 views

CVE-2022-2125

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.8AI score0.00153EPSS

CVE•added 2023/02/27 8:15 p.m.•152 views

CVE-2022-46705

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing.

4.3CVSS3.5AI score0.00106EPSS

CVE•added 2025/03/31 11:15 p.m.•152 views

CVE-2025-30427

A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.3CVSS5.9AI score0.00055EPSS

CVE•added 2019/12/18 6:15 p.m.•151 views

CVE-2019-8641

An out-of-bounds read was addressed with improved input validation.

9.8CVSS8.7AI score0.20824EPSS

CVE•added 2021/08/24 7:15 p.m.•150 views

CVE-2021-30955

A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges.

7.6CVSS7.1AI score0.40507EPSS

CVE•added 2022/01/21 2:15 p.m.•150 views

CVE-2022-0319

Out-of-bounds Read in vim/vim prior to 8.2.

5.5CVSS6.8AI score0.00106EPSS

CVE•added 2022/03/18 6:15 p.m.•150 views

CVE-2022-22638

A null pointer dereference was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An attacker in a privileged position may be able to perform a denial of service a...

6.5CVSS6.1AI score0.00313EPSS

CVE•added 2022/09/23 7:15 p.m.•150 views

CVE-2022-32792

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00379EPSS

CVE•added 2025/05/12 10:15 p.m.•150 views

CVE-2025-31257

This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.7CVSS5.8AI score0.00083EPSS

CVE•added 2020/12/08 8:15 p.m.•149 views

CVE-2020-9849

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0. A remote attacker may be able to leak memory.

6.5CVSS5.9AI score0.01069EPSS

Total number of security vulnerabilities2754