Lucene search

K

1889 matches found

CVE
CVE
added 2021/04/02 6:15 p.m.80 views

CVE-2021-1773

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to a denial of service.

5.5CVSS5.7AI score0.00309EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.80 views

CVE-2021-30759

A stack overflow was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.

7.8CVSS8.2AI score0.01048EPSS
CVE
CVE
added 2021/10/28 7:15 p.m.80 views

CVE-2021-30814

A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00634EPSS
CVE
CVE
added 2022/09/23 7:15 p.m.80 views

CVE-2022-32815

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.9AI score0.00135EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.80 views

CVE-2022-42795

A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 16, iOS 16, macOS Ventura 13, watchOS 9. Processing a maliciously crafted image may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00339EPSS
CVE
CVE
added 2022/12/15 7:15 p.m.80 views

CVE-2022-42851

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2. Parsing a maliciously crafted TIFF file may lead to disclosure of user information.

5.5CVSS5.9AI score0.00048EPSS
CVE
CVE
added 2023/06/23 6:15 p.m.80 views

CVE-2023-32357

An authorization issue was addressed with improved state management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to retain access to system configuration files even after its permission ...

7.1CVSS6.5AI score0.00024EPSS
CVE
CVE
added 2024/01/23 1:15 a.m.80 views

CVE-2024-23212

The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, macOS Ventura 13.6.4, macOS Monterey 12.7.3. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.5AI score0.00054EPSS
CVE
CVE
added 2025/02/10 7:15 p.m.80 views

CVE-2024-27859

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00133EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.79 views

CVE-2010-2805

The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

6.8CVSS9.5AI score0.05634EPSS
CVE
CVE
added 2014/09/18 10:55 a.m.79 views

CVE-2014-4389

Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.

9.3CVSS5.8AI score0.01745EPSS
CVE
CVE
added 2017/12/25 9:29 p.m.79 views

CVE-2017-13862

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS7.3AI score0.00253EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.79 views

CVE-2017-2415

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code by leveraging an unspecified ...

8.8CVSS7.3AI score0.01176EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.79 views

CVE-2017-2485

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows remote attackers to execute arbitrary code or cause a denial of serv...

9.3CVSS8.6AI score0.0205EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.79 views

CVE-2017-7154

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. The issue involves the "Kernel" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (system crash).

6.6CVSS5.8AI score0.00093EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.79 views

CVE-2019-8734

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.8AI score0.00588EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.79 views

CVE-2019-8798

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.

5.5CVSS6.5AI score0.00173EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.79 views

CVE-2020-29614

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a mal...

7.8CVSS6.9AI score0.00352EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.79 views

CVE-2020-29617

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may le...

7.8CVSS7AI score0.00352EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.79 views

CVE-2020-9812

An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A local user may be able to read kernel memory.

7.1CVSS4.8AI score0.00297EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.79 views

CVE-2020-9813

A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00484EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.79 views

CVE-2020-9880

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.

7.8CVSS8.2AI score0.01044EPSS
CVE
CVE
added 2020/10/22 7:15 p.m.79 views

CVE-2020-9919

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to ...

7.8CVSS8.3AI score0.00794EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.79 views

CVE-2020-9943

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. A malicious application may be able to read restricted memory.

5.5CVSS5.1AI score0.00302EPSS
CVE
CVE
added 2020/10/27 9:15 p.m.79 views

CVE-2020-9979

A trust issue was addressed by removing a legacy API. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0. An attacker may be able to misuse a trust relationship to download malicious content.

5.5CVSS5.5AI score0.0012EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.79 views

CVE-2021-1742

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8AI score0.00395EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.79 views

CVE-2021-1764

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause a denial of service.

7.5CVSS7.2AI score0.01093EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.79 views

CVE-2021-1774

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8AI score0.00419EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.79 views

CVE-2021-1787

Multiple issues were addressed with improved logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local attacker may be able to elevate their privileges.

7.8CVSS7AI score0.00122EPSS
CVE
CVE
added 2021/10/19 2:15 p.m.79 views

CVE-2021-30850

An access issue was addressed with improved access restrictions. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6, tvOS 15. A user may gain access to protected parts of the file system.

7.1CVSS5.5AI score0.00222EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.79 views

CVE-2021-30958

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Playing a malicious audio file may lead to arbitrary code execution.

7.8CVSS7.6AI score0.0034EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.79 views

CVE-2021-30980

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00591EPSS
CVE
CVE
added 2022/05/26 7:15 p.m.79 views

CVE-2022-26724

An authentication issue was addressed with improved state management. This issue is fixed in tvOS 15.5. A local user may be able to enable iCloud Photos without authentication.

5.5CVSS4.8AI score0.00042EPSS
CVE
CVE
added 2023/05/08 8:15 p.m.79 views

CVE-2023-27942

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app may be able to access user-sensitive data.

5.5CVSS4.2AI score0.00036EPSS
CVE
CVE
added 2023/06/23 6:15 p.m.79 views

CVE-2023-32422

This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to bypass Privacy preferences.

5.5CVSS5.3AI score0.00167EPSS
CVE
CVE
added 2024/03/08 2:15 a.m.79 views

CVE-2024-23246

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to break out of its sandbox.

8.6CVSS5.5AI score0.00072EPSS
CVE
CVE
added 2024/03/08 2:15 a.m.79 views

CVE-2024-23250

An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to access Bluetooth-connected microphones without user permission.

5.5CVSS6.2AI score0.00015EPSS
CVE
CVE
added 2016/05/20 10:59 a.m.78 views

CVE-2016-1841

libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

8.8CVSS8.3AI score0.01678EPSS
CVE
CVE
added 2016/09/25 10:59 a.m.78 views

CVE-2016-4765

WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4766, CVE-2016-4767,...

8.8CVSS8.8AI score0.00976EPSS
CVE
CVE
added 2017/11/13 3:29 a.m.78 views

CVE-2017-13794

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.21364EPSS
Web
CVE
CVE
added 2017/04/02 1:59 a.m.78 views

CVE-2017-2441

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "libc++abi" component. A use-after-free vulnerability allows remote attackers to execute arbitrary c...

9.3CVSS8.1AI score0.02183EPSS
CVE
CVE
added 2017/07/20 4:29 p.m.78 views

CVE-2017-7018

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote at...

8.8CVSS8.1AI score0.03472EPSS
CVE
CVE
added 2017/07/20 4:29 p.m.78 views

CVE-2017-7025

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or c...

9.3CVSS8.1AI score0.00472EPSS
CVE
CVE
added 2017/07/20 4:29 p.m.78 views

CVE-2017-7030

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote at...

8.8CVSS8.1AI score0.00513EPSS
CVE
CVE
added 2017/07/20 4:29 p.m.78 views

CVE-2017-7052

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote at...

8.8CVSS8.1AI score0.00927EPSS
CVE
CVE
added 2017/10/23 1:29 a.m.78 views

CVE-2017-7083

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "CFNetwork Proxies" component. It allows remote attackers to cause a denial of service.

4.9CVSS5.6AI score0.01772EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.78 views

CVE-2017-7151

A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4.

7CVSS6.6AI score0.00254EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.78 views

CVE-2018-4130

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers ...

8.8CVSS8.6AI score0.00831EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.78 views

CVE-2018-4142

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) vi...

7.5CVSS6.8AI score0.03008EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.78 views

CVE-2018-4167

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "File System Events" component. A race condition allows attackers to execute arbitrary code in a pri...

7.6CVSS7.2AI score0.00152EPSS
Total number of security vulnerabilities1889