Lucene search

K

1889 matches found

CVE
CVE
added 2015/03/18 10:59 p.m.72 views

CVE-2015-1071

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03...

6.8CVSS8.8AI score0.00805EPSS
CVE
CVE
added 2017/09/28 1:29 a.m.72 views

CVE-2017-11121

On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205.

10CVSS9.1AI score0.02083EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.72 views

CVE-2017-2482

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged con...

9.3CVSS7.9AI score0.05787EPSS
CVE
CVE
added 2017/07/20 4:29 p.m.72 views

CVE-2017-7029

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a craf...

5.5CVSS5.4AI score0.00265EPSS
CVE
CVE
added 2017/10/23 1:29 a.m.72 views

CVE-2017-7114

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial ...

9.3CVSS8.1AI score0.00183EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.72 views

CVE-2018-4293

A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

5.3CVSS5.7AI score0.00543EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.72 views

CVE-2018-4332

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

10CVSS8.4AI score0.00992EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.72 views

CVE-2018-4337

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

9.3CVSS7.9AI score0.00185EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.72 views

CVE-2018-4412

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.

7.8CVSS7.5AI score0.00402EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.72 views

CVE-2019-8545

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory.

7.1CVSS6.5AI score0.00171EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.72 views

CVE-2019-8549

Multiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to execute arbitrary code with system privileges.

9.3CVSS7.9AI score0.00456EPSS
CVE
CVE
added 2020/10/27 9:15 p.m.72 views

CVE-2019-8854

A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. A device may be passively tracked by its Wi-Fi MAC address.

7.5CVSS7.4AI score0.00378EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.72 views

CVE-2020-10010

A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges.

7.8CVSS6.4AI score0.00096EPSS
CVE
CVE
added 2020/12/08 9:15 p.m.72 views

CVE-2020-27905

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to execute arbitrary code with system privileges.

9.3CVSS7.6AI score0.00533EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.72 views

CVE-2020-27908

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing a maliciously crafted audio file may ...

7.8CVSS7.6AI score0.00482EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.72 views

CVE-2020-9795

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.6AI score0.00626EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.72 views

CVE-2020-9918

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

10CVSS8AI score0.01424EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.72 views

CVE-2020-9962

A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted image may lead to ar...

7.8CVSS7.9AI score0.00766EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.72 views

CVE-2021-30993

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. An attacker in a privileged network position may be able to execute arbitrary code.

8.1CVSS7.6AI score0.01668EPSS
CVE
CVE
added 2023/05/08 8:15 p.m.72 views

CVE-2023-27928

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, macOS Big Sur 11.7.5. An app may be able to access information about a user’s contacts.

3.3CVSS2.6AI score0.00035EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.72 views

CVE-2023-40432

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.5AI score0.00036EPSS
CVE
CVE
added 2024/03/08 2:15 a.m.72 views

CVE-2024-23241

This issue was addressed through improved state management. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An app may be able to leak sensitive user information.

6.5CVSS6.4AI score0.00112EPSS
CVE
CVE
added 2014/03/14 10:55 a.m.71 views

CVE-2014-1289

WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293...

6.8CVSS7.7AI score0.01795EPSS
CVE
CVE
added 2016/05/20 10:59 a.m.71 views

CVE-2016-1827

The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1828, CVE-2016-1829, ...

9.3CVSS7.5AI score0.05151EPSS
CVE
CVE
added 2016/09/25 10:59 a.m.71 views

CVE-2016-4730

WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.

9.3CVSS8.3AI score0.08398EPSS
CVE
CVE
added 2016/09/25 11:0 a.m.71 views

CVE-2016-4773

The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and CVE-2016-4776.

7.1CVSS6.8AI score0.00196EPSS
CVE
CVE
added 2017/11/13 3:29 a.m.71 views

CVE-2017-13793

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS8.7AI score0.01056EPSS
CVE
CVE
added 2017/10/23 1:29 a.m.71 views

CVE-2017-7103

An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory co...

9.8CVSS8.9AI score0.0493EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.71 views

CVE-2018-4321

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12.

5.3CVSS5.8AI score0.00298EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.71 views

CVE-2019-6230

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox.

8.6CVSS6.8AI score0.00352EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.71 views

CVE-2019-8517

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory.

6.5CVSS6.1AI score0.00478EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.71 views

CVE-2019-8568

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system.

5.5CVSS5.4AI score0.00063EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.71 views

CVE-2019-8657

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution.

8.8CVSS7.8AI score0.00645EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.71 views

CVE-2019-8794

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to read restricted memory.

5.5CVSS5.3AI score0.00359EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.71 views

CVE-2020-27920

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing maliciously crafted web content may...

8.8CVSS7.6AI score0.00547EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.71 views

CVE-2020-27944

A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a m...

7.8CVSS7.9AI score0.00461EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.71 views

CVE-2020-9868

A certificate validation issue existed when processing administrator added certificates. This issue was addressed with improved certificate validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An attacker may have been able to impersonate ...

9.1CVSS7.9AI score0.00192EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.71 views

CVE-2020-9944

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to read restricted memory.

5.5CVSS5.2AI score0.00302EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.71 views

CVE-2020-9968

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.0 and iPadOS 14.0, macOS Catalina 10.15.7, tvOS 14.0, watchOS 7.0. A malicious application may be able to access restricted files.

5.5CVSS5AI score0.00205EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.71 views

CVE-2020-9975

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrar...

9.3CVSS7.6AI score0.00522EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.71 views

CVE-2021-30769

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

5.5CVSS5.7AI score0.00072EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.71 views

CVE-2021-30773

An issue in code signature validation was addressed with improved checks. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. A malicious application may be able to bypass code signing checks.

5.5CVSS5.8AI score0.00134EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.71 views

CVE-2021-30968

A validation issue related to hard link behavior was addressed with improved sandbox restrictions. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to bypass cer...

5.5CVSS5.5AI score0.0023EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.71 views

CVE-2022-42813

A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution.

9.8CVSS8.5AI score0.00263EPSS
CVE
CVE
added 2023/06/23 6:15 p.m.71 views

CVE-2023-32389

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to disclose kernel memory.

5.5CVSS4.8AI score0.00041EPSS
CVE
CVE
added 2024/03/08 2:15 a.m.71 views

CVE-2024-23297

The issue was addressed with improved checks. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4. A malicious application may be able to access private information.

5.5CVSS5.3AI score0.00138EPSS
CVE
CVE
added 2025/03/31 11:15 p.m.71 views

CVE-2025-30432

A logic issue was addressed with improved state management. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sonoma 14.7.5. A malicious app may be able to attempt passcode entries on a locked device and thereby cause escalating tim...

6.4CVSS5.5AI score0.00066EPSS
CVE
CVE
added 2025/03/31 11:15 p.m.71 views

CVE-2025-31182

This issue was addressed with improved handling of symlinks. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to delete files for which it does not have permission.

9.8CVSS5.7AI score0.00098EPSS
CVE
CVE
added 2025/03/31 11:15 p.m.71 views

CVE-2025-31191

This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access sensitive user data.

5.5CVSS5.3AI score0.00014EPSS
CVE
CVE
added 2014/09/18 10:55 a.m.70 views

CVE-2014-4414

WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA...

6.8CVSS7.8AI score0.01114EPSS
Total number of security vulnerabilities1889