Lucene search

K
AppleMacos

838 matches found

CVE
CVE
added 2024/02/21 7:15 a.m.6864 views

CVE-2023-42835

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to access user data.

7.5CVSS7.2AI score0.00103EPSS
CVE
CVE
added 2024/02/21 7:15 a.m.6213 views

CVE-2023-42843

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing.

7.5CVSS5.2AI score0.00071EPSS
CVE
CVE
added 2024/02/21 7:15 a.m.6204 views

CVE-2023-42946

This issue was addressed with improved redaction of sensitive information. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to leak sensitive user information.

7.5CVSS7.1AI score0.00144EPSS
CVE
CVE
added 2024/04/04 8:15 p.m.4703 views

CVE-2023-38709

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

7.3CVSS7.1AI score0.03698EPSS
CVE
CVE
added 2024/02/21 7:15 a.m.4526 views

CVE-2023-42873

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.5AI score0.00077EPSS
CVE
CVE
added 2024/02/21 7:15 a.m.4514 views

CVE-2023-42860

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system.

7.7CVSS6.7AI score0.00574EPSS
CVE
CVE
added 2024/02/21 7:15 a.m.4486 views

CVE-2023-42942

This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges.

7.8CVSS7AI score0.00126EPSS
CVE
CVE
added 2024/02/21 7:15 a.m.4469 views

CVE-2023-42848

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. Processing a maliciously crafted image may lead to heap corruption.

7.8CVSS6.9AI score0.00043EPSS
CVE
CVE
added 2024/02/21 7:15 a.m.3850 views

CVE-2023-42877

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system.

7.7CVSS6.6AI score0.00034EPSS
CVE
CVE
added 2024/05/14 3:13 p.m.3593 views

CVE-2024-27818

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An attacker may be able to cause unexpected app termination or arbitrary code execution.

7.8CVSS5.3AI score0.00034EPSS
CVE
CVE
added 2022/03/25 9:15 a.m.3062 views

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

7.5CVSS8.1AI score0.00095EPSS
CVE
CVE
added 2020/12/08 10:15 p.m.2107 views

CVE-2020-27918

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary cod...

7.8CVSS8.6AI score0.00164EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.2000 views

CVE-2022-22719

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.

7.5CVSS8.7AI score0.34984EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.1245 views

CVE-2021-30860

An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this is...

7.8CVSS6.5AI score0.69382EPSS
CVE
CVE
added 2024/02/21 7:15 a.m.1155 views

CVE-2023-42859

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system.

7.7CVSS6.6AI score0.00031EPSS
CVE
CVE
added 2023/01/18 5:15 p.m.1135 views

CVE-2023-22809

In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affect...

7.8CVSS7.7AI score0.50157EPSS
CVE
CVE
added 2020/06/05 3:15 p.m.1112 views

CVE-2020-9859

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.1AI score0.00295EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.1099 views

CVE-2021-30713

A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited..

7.8CVSS6.8AI score0.00127EPSS
CVE
CVE
added 2020/12/08 9:15 p.m.1087 views

CVE-2020-27950

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalin...

7.1CVSS5.3AI score0.37741EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.1042 views

CVE-2021-1782

A race condition was addressed with improved locking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application may be able to elevate privileges. Apple is aware of a repor...

7CVSS7AI score0.06092EPSS
CVE
CVE
added 2022/09/20 9:15 p.m.1022 views

CVE-2022-32917

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively explo...

7.8CVSS7.8AI score0.00091EPSS
CVE
CVE
added 2020/12/08 9:15 p.m.1020 views

CVE-2020-27930

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplem...

7.8CVSS7.6AI score0.47457EPSS
CVE
CVE
added 2023/06/23 6:15 p.m.1020 views

CVE-2023-27930

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.5AI score0.00054EPSS
CVE
CVE
added 2022/05/26 6:15 p.m.1017 views

CVE-2022-26691

A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.

7.2CVSS6.1AI score0.00011EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.990 views

CVE-2019-6223

A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer.

7.5CVSS6.9AI score0.00451EPSS
CVE
CVE
added 2023/06/23 6:15 p.m.931 views

CVE-2023-32434

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with ker...

7.8CVSS7.9AI score0.82398EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.895 views

CVE-2019-7286

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privileges.

7.8CVSS7.7AI score0.01627EPSS
CVE
CVE
added 2022/08/24 8:15 p.m.883 views

CVE-2022-32894

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploi...

7.8CVSS7.9AI score0.00338EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.734 views

CVE-2021-31010

A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report that ...

7.5CVSS6.7AI score0.01359EPSS
CVE
CVE
added 2023/07/27 1:15 a.m.551 views

CVE-2023-38572

The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy.

7.5CVSS6.7AI score0.00345EPSS
CVE
CVE
added 2022/10/29 2:15 a.m.542 views

CVE-2022-42916

In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host nam...

7.5CVSS8.3AI score0.00033EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.519 views

CVE-2019-8526

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. An application may be able to gain elevated privileges.

7.8CVSS7.6AI score0.00349EPSS
CVE
CVE
added 2023/05/08 8:15 p.m.499 views

CVE-2023-27969

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.1AI score0.00071EPSS
CVE
CVE
added 2020/12/14 8:15 p.m.492 views

CVE-2020-8286

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

7.5CVSS7.6AI score0.00161EPSS
CVE
CVE
added 2022/05/09 6:15 p.m.457 views

CVE-2022-28739

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.

7.5CVSS7.8AI score0.00386EPSS
CVE
CVE
added 2020/04/28 9:15 p.m.441 views

CVE-2020-10663

The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing...

7.5CVSS6.7AI score0.10014EPSS
CVE
CVE
added 2025/01/27 10:15 p.m.435 views

CVE-2025-24159

A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS6.9AI score0.00044EPSS
CVE
CVE
added 2023/09/04 2:15 p.m.425 views

CVE-2023-4733

Use After Free in GitHub repository vim/vim prior to 9.0.1840.

7.8CVSS7.4AI score0.00036EPSS
CVE
CVE
added 2022/02/26 5:15 a.m.410 views

CVE-2022-23308

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

7.5CVSS7.7AI score0.00044EPSS
CVE
CVE
added 2023/09/02 6:15 p.m.410 views

CVE-2023-4734

Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.

7.8CVSS7.7AI score0.00036EPSS
CVE
CVE
added 2023/09/02 8:15 p.m.407 views

CVE-2023-4738

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.

7.8CVSS7.7AI score0.00041EPSS
CVE
CVE
added 2023/09/07 6:15 p.m.396 views

CVE-2023-41064

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Ap...

7.8CVSS7.1AI score0.92609EPSS
CVE
CVE
added 2025/01/27 10:15 p.m.386 views

CVE-2025-24174

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to bypass Privacy preferences.

7.7CVSS6AI score0.0002EPSS
CVE
CVE
added 2023/09/21 7:15 p.m.381 views

CVE-2023-41992

The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS befor...

7.8CVSS7.1AI score0.0037EPSS
CVE
CVE
added 2021/09/29 8:15 p.m.365 views

CVE-2021-22946

A user can tell curl >= 7.20.0 and

7.5CVSS7.6AI score0.00059EPSS
CVE
CVE
added 2023/09/02 6:15 p.m.363 views

CVE-2023-4735

Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.

7.8CVSS6.2AI score0.00027EPSS
CVE
CVE
added 2020/11/04 6:15 p.m.340 views

CVE-2020-8037

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.

7.5CVSS7.5AI score0.00273EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.335 views

CVE-2020-3898

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.

7.8CVSS7.2AI score0.0009EPSS
CVE
CVE
added 2022/04/12 6:15 p.m.330 views

CVE-2022-24070

Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn ar...

7.5CVSS7.6AI score0.00387EPSS
CVE
CVE
added 2024/03/05 8:16 p.m.330 views

CVE-2024-23225

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue ma...

7.8CVSS7AI score0.00033EPSS
Total number of security vulnerabilities838