Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
AppleMacos

228 matches found

CVE
CVEadded 2024/02/21 7:15 a.m.6603 views

CVE-2023-42839

This issue was addressed with improved state management. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

6.2CVSS7AI score0.00051EPSS
CVE
CVEadded 2024/02/21 7:15 a.m.6172 views

CVE-2023-42834

A privacy issue was addressed with improved handling of files. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

6.2CVSS7AI score0.0006EPSS
CVE
CVEadded 2024/04/04 8:15 p.m.3711 views

CVE-2024-24795

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue.

6.3CVSS7AI score0.01253EPSS
CVE
CVEadded 2023/06/23 6:15 p.m.1744 views

CVE-2023-28204

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this...

6.5CVSS6.6AI score0.00046EPSS
CVE
CVEadded 2023/06/23 6:15 p.m.762 views

CVE-2023-32369

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system.

6CVSS5.9AI score0.00028EPSS
CVE
CVEadded 2014/01/21 6:55 p.m.623 views

CVE-2013-0340

expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a cr...

6.8CVSS7.1AI score0.00042EPSS
CVE
CVEadded 2023/06/23 6:15 p.m.577 views

CVE-2023-32371

The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to break out of its sandbox.

6.3CVSS5.4AI score0.00028EPSS
CVE
CVEadded 2023/12/08 6:15 a.m.545 views

CVE-2023-45866

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such acce...

6.3CVSS6.9AI score0.28791EPSS
CVE
CVEadded 2023/07/27 12:15 a.m.531 views

CVE-2023-38133

The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may disclose sensitive information.

6.5CVSS6.2AI score0.00333EPSS
CVE
CVEadded 2023/05/08 8:15 p.m.453 views

CVE-2023-27954

The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. A website may be able to track sensitive user information.

6.5CVSS6.3AI score0.00192EPSS
CVE
CVEadded 2023/07/28 5:15 a.m.412 views

CVE-2023-38599

A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may be able to track sensitive user information.

6.5CVSS6AI score0.00362EPSS
CVE
CVEadded 2025/01/27 10:15 p.m.410 views

CVE-2025-24158

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service.

6.5CVSS5.7AI score0.00141EPSS
CVE
CVEadded 2025/01/27 10:15 p.m.373 views

CVE-2025-24123

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

6.5CVSS5.7AI score0.00045EPSS
CVE
CVEadded 2025/01/27 10:15 p.m.328 views

CVE-2025-24115

A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read files outside of its sandbox.

6.3CVSS5.8AI score0.00015EPSS
CVE
CVEadded 2025/01/27 10:15 p.m.327 views

CVE-2024-54478

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to an unexpected process cra...

6.5CVSS5.9AI score0.00104EPSS
CVE
CVEadded 2023/11/30 11:15 p.m.322 views

CVE-2023-42916

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions...

6.5CVSS6.7AI score0.00047EPSS
CVE
CVEadded 2021/09/08 3:15 p.m.296 views

CVE-2021-1825

An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site ...

6.1CVSS6.4AI score0.00178EPSS
CVE
CVEadded 2021/04/02 7:15 p.m.293 views

CVE-2021-1799

A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricte...

6.5CVSS6.6AI score0.00207EPSS
CVE
CVEadded 2023/10/25 7:15 p.m.289 views

CVE-2023-41983

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.

6.5CVSS6.2AI score0.01016EPSS
CVE
CVEadded 2022/12/05 10:15 p.m.278 views

CVE-2022-35260

curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a ...

6.5CVSS7.5AI score0.00244EPSS
CVE
CVEadded 2021/04/02 7:15 p.m.275 views

CVE-2021-1801

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy.

6.5CVSS6.8AI score0.00254EPSS
CVE
CVEadded 2025/01/27 10:15 p.m.269 views

CVE-2025-24106

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination.

6.5CVSS6AI score0.00036EPSS
CVE
CVEadded 2025/04/16 7:15 p.m.267 views

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report ...

6.8CVSS6.7AI score0.00326EPSS
CVE
CVEadded 2023/10/25 7:15 p.m.262 views

CVE-2023-41989

The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to execute arbitrary code as root from the Lock Screen.

6.8CVSS7.4AI score0.00114EPSS
CVE
CVEadded 2021/04/02 6:15 p.m.261 views

CVE-2021-1765

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy.

6.5CVSS7AI score0.00085EPSS
CVE
CVEadded 2023/10/25 7:15 p.m.258 views

CVE-2023-42849

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kerne...

6.5CVSS6.1AI score0.00241EPSS
CVE
CVEadded 2023/10/25 7:15 p.m.258 views

CVE-2023-42861

A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.

6.5CVSS5.9AI score0.00056EPSS
CVE
CVEadded 2023/10/25 7:15 p.m.254 views

CVE-2023-40416

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. Processing an image may result in disclosure of process memory.

6.5CVSS5.7AI score0.00285EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.248 views

CVE-2019-8690

A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously craf...

6.1CVSS6.1AI score0.08113EPSS
CVE
CVEadded 2023/10/25 7:15 p.m.241 views

CVE-2023-41988

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.

6.8CVSS6AI score0.00115EPSS
CVE
CVEadded 2021/07/20 7:15 a.m.231 views

CVE-2021-36976

libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).

6.5CVSS6.8AI score0.00106EPSS
CVE
CVEadded 2021/09/08 3:15 p.m.225 views

CVE-2021-30689

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS5.9AI score0.00589EPSS
CVE
CVEadded 2021/09/08 2:15 p.m.220 views

CVE-2021-30744

Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site sc...

6.1CVSS6.1AI score0.00589EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.214 views

CVE-2019-8615

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

6.5CVSS7.9AI score0.00728EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.208 views

CVE-2019-8649

A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciou...

6.1CVSS6AI score0.0982EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.205 views

CVE-2019-8597

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

6.5CVSS7.8AI score0.00728EPSS
CVE
CVEadded 2024/11/20 12:15 a.m.204 views

CVE-2024-44309

A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. Apple...

6.3CVSS5.3AI score0.00237EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.203 views

CVE-2019-8607

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process ...

6.5CVSS6.5AI score0.00683EPSS
CVE
CVEadded 2022/09/23 7:15 p.m.203 views

CVE-2022-32816

The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing.

6.5CVSS6.2AI score0.00091EPSS
CVE
CVEadded 2022/12/15 7:15 p.m.202 views

CVE-2022-46698

A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information.

6.5CVSS6.4AI score0.0046EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.199 views

CVE-2019-8608

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

6.8CVSS7.7AI score0.00767EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.197 views

CVE-2019-8658

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cro...

6.1CVSS6AI score0.00924EPSS
CVE
CVEadded 2021/08/24 7:15 p.m.193 views

CVE-2021-30890

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS5.9AI score0.00296EPSS
CVE
CVEadded 2022/02/21 8:15 p.m.192 views

CVE-2022-0696

NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.

6.2CVSS6.4AI score0.00127EPSS
CVE
CVEadded 2023/07/28 5:15 a.m.192 views

CVE-2023-32445

This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack.

6.1CVSS5.4AI score0.00531EPSS
CVE
CVEadded 2021/08/24 7:15 p.m.189 views

CVE-2021-30887

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy.

6.5CVSS6.3AI score0.0036EPSS
CVE
CVEadded 2023/07/28 5:15 a.m.188 views

CVE-2023-32654

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.5. A user may be able to read information belonging to another user.

6.5CVSS5.7AI score0.00173EPSS
CVE
CVEadded 2021/09/08 3:15 p.m.183 views

CVE-2021-1820

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory.

6.5CVSS6.5AI score0.00166EPSS
CVE
CVEadded 2022/03/18 6:15 p.m.181 views

CVE-2022-22592

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.

6.5CVSS6.3AI score0.0014EPSS
CVE
CVEadded 2022/11/01 8:15 p.m.175 views

CVE-2022-42799

The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.

6.1CVSS6AI score0.00544EPSS
Total number of security vulnerabilities228