Lucene search

K

1896 matches found

cve
cve
added 2018/04/03 6:29 a.m.82 views

CVE-2018-4157

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Quick Look" component. A race condition allows attackers to execute arbitrary code in a privileged ...

7.6CVSS7.3AI score0.00152EPSS
cve
cve
added 2019/04/03 6:29 p.m.82 views

CVE-2018-4304

A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

5CVSS5.8AI score0.00212EPSS
cve
cve
added 2019/04/03 6:29 p.m.82 views

CVE-2018-4371

An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

7.8CVSS6.6AI score0.00259EPSS
cve
cve
added 2019/12/18 6:15 p.m.82 views

CVE-2019-8530

This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. A malicious application may be able to overwrite arbitrary files.

5.8CVSS5.7AI score0.0042EPSS
cve
cve
added 2019/12/18 6:15 p.m.82 views

CVE-2019-8795

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2. An application may be able to execute arbitrary code with system privileges.

9.3CVSS8AI score0.00374EPSS
cve
cve
added 2020/04/01 6:15 p.m.82 views

CVE-2020-3887

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated.

4.3CVSS5.3AI score0.00492EPSS
cve
cve
added 2020/06/09 5:15 p.m.82 views

CVE-2020-9842

An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform privileged actions.

7.1CVSS6.2AI score0.00331EPSS
cve
cve
added 2020/10/22 6:15 p.m.82 views

CVE-2020-9874

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lea...

7.8CVSS8.2AI score0.00424EPSS
cve
cve
added 2020/10/16 5:15 p.m.82 views

CVE-2020-9936

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lea...

7.8CVSS8.2AI score0.00318EPSS
cve
cve
added 2021/04/02 6:15 p.m.82 views

CVE-2021-1766

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to a denial of service.

5.5CVSS5.4AI score0.00309EPSS
cve
cve
added 2021/04/02 6:15 p.m.82 views

CVE-2021-1791

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A mali...

7.1CVSS5.2AI score0.00442EPSS
cve
cve
added 2021/09/08 2:15 p.m.82 views

CVE-2021-30781

This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A local attacker may be able to cause unexpected application termination or arbitrary code execution.

7.8CVSS7.9AI score0.00248EPSS
cve
cve
added 2021/08/24 7:15 p.m.82 views

CVE-2021-30927

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.7AI score0.00098EPSS
cve
cve
added 2023/06/23 6:15 p.m.82 views

CVE-2023-32411

This issue was addressed with improved entitlements. This issue is fixed in tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences.

5.5CVSS5.7AI score0.00013EPSS
cve
cve
added 2024/06/10 9:15 p.m.82 views

CVE-2024-27817

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.00092EPSS
cve
cve
added 2010/08/19 6:0 p.m.81 views

CVE-2010-2806

Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based ...

6.8CVSS9.8AI score0.09383EPSS
cve
cve
added 2010/08/19 6:0 p.m.81 views

CVE-2010-2807

FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

6.8CVSS9.5AI score0.05194EPSS
cve
cve
added 2017/11/13 3:29 a.m.81 views

CVE-2017-13792

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.21364EPSS
Web
cve
cve
added 2018/04/03 6:29 a.m.81 views

CVE-2017-2493

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain s...

6.5CVSS6.1AI score0.00281EPSS
Web
cve
cve
added 2018/04/03 6:29 a.m.81 views

CVE-2017-7172

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CFNetwork Se...

9.3CVSS7.4AI score0.00546EPSS
cve
cve
added 2018/04/03 6:29 a.m.81 views

CVE-2018-4166

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "NSURLSession" component. A race condition allows attackers to execute arbitrary code in a privilege...

7.6CVSS7.3AI score0.00152EPSS
cve
cve
added 2019/04/03 6:29 p.m.81 views

CVE-2018-4341

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

8.6CVSS7.4AI score0.00335EPSS
cve
cve
added 2020/10/27 8:15 p.m.81 views

CVE-2019-8740

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.2AI score0.00501EPSS
cve
cve
added 2020/10/22 6:15 p.m.81 views

CVE-2020-9872

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lea...

7.8CVSS8.2AI score0.00424EPSS
cve
cve
added 2020/10/22 7:15 p.m.81 views

CVE-2020-9938

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to a...

7.8CVSS8.1AI score0.00424EPSS
cve
cve
added 2020/12/08 8:15 p.m.81 views

CVE-2020-9969

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. A local user may be able to view senstive user information.

5.5CVSS5.1AI score0.00156EPSS
cve
cve
added 2021/04/02 6:15 p.m.81 views

CVE-2021-1748

A validation issue was addressed with improved input sanitization. This issue is fixed in tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.

8.8CVSS7.6AI score0.01209EPSS
cve
cve
added 2021/04/02 6:15 p.m.81 views

CVE-2021-1769

A logic issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious attacker with arbitrary read and write capability may be able to bypass ...

5.5CVSS5.8AI score0.00054EPSS
cve
cve
added 2021/04/02 6:15 p.m.81 views

CVE-2021-1792

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.

8.8CVSS7.7AI score0.01041EPSS
cve
cve
added 2021/09/08 3:15 p.m.81 views

CVE-2021-1884

A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. A remote attacker may be able to cause a denial of service.

5.9CVSS6AI score0.01006EPSS
cve
cve
added 2021/09/08 3:15 p.m.81 views

CVE-2021-30703

A double free issue was addressed with improved memory management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privil...

7.8CVSS7.9AI score0.0032EPSS
cve
cve
added 2021/08/24 7:15 p.m.81 views

CVE-2021-30924

A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1. A remote attacker can cause a device to unexpectedly restart.

7.8CVSS6.9AI score0.0088EPSS
cve
cve
added 2021/08/24 7:15 p.m.81 views

CVE-2021-30960

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.

5.5CVSS5.9AI score0.00439EPSS
cve
cve
added 2023/05/08 8:15 p.m.81 views

CVE-2023-28178

A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app may be able to bypass Privacy preferences.

5.5CVSS4.3AI score0.00014EPSS
cve
cve
added 2024/03/08 2:15 a.m.81 views

CVE-2024-23270

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, tvOS 17.4. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.00041EPSS
cve
cve
added 2024/03/08 2:15 a.m.81 views

CVE-2024-23290

A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to access user-sensitive data.

5.5CVSS6.2AI score0.00026EPSS
cve
cve
added 2024/04/24 5:15 p.m.81 views

CVE-2024-27791

The issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, tvOS 17.3, macOS Ventura 13.6.4, iOS 16.7.5 and iPadOS 16.7.5, macOS Monterey 12.7.3, macOS Sonoma 14.3. An app may be able to corrupt coprocessor memory.

7.1CVSS5.2AI score0.00027EPSS
cve
cve
added 2024/07/29 11:15 p.m.81 views

CVE-2024-40815

A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

7.5CVSS6AI score0.00887EPSS
cve
cve
added 2025/01/27 10:15 p.m.81 views

CVE-2025-24160

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

4.3CVSS5.7AI score0.00146EPSS
cve
cve
added 2010/08/19 6:0 p.m.80 views

CVE-2010-2808

Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font.

6.8CVSS9.8AI score0.07802EPSS
cve
cve
added 2017/04/02 1:59 a.m.80 views

CVE-2017-2386

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web sit...

6.5CVSS6.1AI score0.00427EPSS
cve
cve
added 2017/04/02 1:59 a.m.80 views

CVE-2017-2430

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service...

7.8CVSS8.6AI score0.00808EPSS
cve
cve
added 2017/07/20 4:29 p.m.80 views

CVE-2017-7043

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote at...

8.8CVSS8.1AI score0.03473EPSS
Web
cve
cve
added 2017/10/23 1:29 a.m.80 views

CVE-2017-7096

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execu...

8.8CVSS7.7AI score0.00513EPSS
cve
cve
added 2018/04/03 6:29 a.m.80 views

CVE-2018-4115

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the "System Preferences" component. It allows attackers to bypass intended access restr...

9.8CVSS6.9AI score0.01224EPSS
cve
cve
added 2019/01/11 6:29 p.m.80 views

CVE-2018-4185

In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.

7.5CVSS7.1AI score0.03952EPSS
cve
cve
added 2019/12/18 6:15 p.m.80 views

CVE-2019-8576

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory.

7.1CVSS6.4AI score0.00052EPSS
cve
cve
added 2020/10/27 8:15 p.m.80 views

CVE-2019-8709

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be able to execute arbitrary code with kernel privilege...

9.3CVSS8.1AI score0.00501EPSS
cve
cve
added 2020/10/27 8:15 p.m.80 views

CVE-2019-8728

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.8AI score0.00588EPSS
cve
cve
added 2020/10/27 8:15 p.m.80 views

CVE-2019-8809

A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, watchOS 6, iOS 13. A local app may be able to read a persistent account identifier.

3.3CVSS4.4AI score0.00071EPSS
Total number of security vulnerabilities1896