Lucene search

K

1896 matches found

CVE
CVE
added 2017/10/23 1:29 a.m.69 views

CVE-2017-7128

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (ap...

9.8CVSS8.6AI score0.01729EPSS
CVE
CVE
added 2017/10/23 1:29 a.m.69 views

CVE-2017-7130

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (ap...

9.8CVSS8.6AI score0.01729EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.69 views

CVE-2019-8562

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.

9.6CVSS8AI score0.00475EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.69 views

CVE-2019-8570

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, iCloud for Windows 7.10, iTunes 12.9.3 for Windows, Safari 12.0.3, tvOS 12.1.2. Processing maliciously crafted web content may disclose sensitive user information.

6.5CVSS6.3AI score0.00478EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.69 views

CVE-2019-8648

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution.

9.8CVSS8.3AI score0.01127EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.69 views

CVE-2019-8744

A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. A malicious applicati...

5.5CVSS5.8AI score0.00314EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.69 views

CVE-2019-8780

The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13. A malicious application may be able to determine kernel memory layout.

7.1CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.69 views

CVE-2020-3883

This issue was addressed with improved checks. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. An application may be able to use arbitrary entitlements.

8.8CVSS7AI score0.00475EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.69 views

CVE-2020-9808

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to cause unexpected system termination or write kernel memory.

7.1CVSS6.6AI score0.00335EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.69 views

CVE-2021-1785

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code exec...

7.8CVSS8AI score0.00419EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.69 views

CVE-2021-1822

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A local user may be able to modify protected parts of the file system.

5.5CVSS5.6AI score0.00056EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.69 views

CVE-2021-1864

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An attacker with JavaScript execution may be able to execute arbitrary code.

9.8CVSS8.3AI score0.01689EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.69 views

CVE-2022-32907

This issue was addressed with improved checks. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS8AI score0.00155EPSS
CVE
CVE
added 2023/09/27 3:18 p.m.69 views

CVE-2023-32396

This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges.

7.8CVSS7AI score0.00021EPSS
CVE
CVE
added 2024/06/10 9:15 p.m.69 views

CVE-2024-27832

The issue was addressed with improved checks. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to elevate privileges.

9.1CVSS5.7AI score0.00112EPSS
CVE
CVE
added 2024/06/10 9:15 p.m.69 views

CVE-2024-27840

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5. An attacker that has already achieved kernel code execution may be able to bypass...

7.5CVSS6.4AI score0.00015EPSS
CVE
CVE
added 2024/07/29 11:15 p.m.69 views

CVE-2024-40784

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing a maliciously crafted file may lead to unexpected app terminati...

7.8CVSS6.1AI score0.00049EPSS
CVE
CVE
added 2016/03/24 1:59 a.m.68 views

CVE-2016-1755

The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.

9.3CVSS7.1AI score0.03453EPSS
CVE
CVE
added 2016/05/20 10:59 a.m.68 views

CVE-2016-1828

The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1829, ...

9.3CVSS7.5AI score0.05151EPSS
CVE
CVE
added 2016/09/25 10:59 a.m.68 views

CVE-2016-4728

WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site.

8.8CVSS8.4AI score0.01042EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.68 views

CVE-2017-2440

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS8.1AI score0.00451EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.68 views

CVE-2017-2448

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. The issue involves the "Keychain" component. It allows man-in-the-middle attackers to bypass an iCloud Keychain secret protection mechanism by leveraging l...

5.9CVSS6AI score0.00682EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.68 views

CVE-2017-2455

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati...

8.8CVSS8AI score0.04294EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.68 views

CVE-2017-2473

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS8.1AI score0.04697EPSS
Web
CVE
CVE
added 2017/07/20 4:29 p.m.68 views

CVE-2017-7024

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or c...

9.3CVSS8.1AI score0.00472EPSS
CVE
CVE
added 2017/07/20 4:29 p.m.68 views

CVE-2017-7028

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a craf...

5.5CVSS5.4AI score0.00265EPSS
CVE
CVE
added 2017/10/23 1:29 a.m.68 views

CVE-2017-7080

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended certificate-trust restrictions via a rev...

7.5CVSS6.9AI score0.00441EPSS
CVE
CVE
added 2017/10/23 1:29 a.m.68 views

CVE-2017-7105

An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory co...

10CVSS8.9AI score0.10946EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.68 views

CVE-2018-4143

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS8.1AI score0.00183EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.68 views

CVE-2019-8612

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, tvOS 12.3, watchOS 5.2.1, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS ...

6.5CVSS6.1AI score0.00323EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.68 views

CVE-2020-10004

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.

7.8CVSS7.7AI score0.00559EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.68 views

CVE-2020-9885

An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group could rejoin the group.

5.5CVSS6.1AI score0.0011EPSS
CVE
CVE
added 2020/10/22 7:15 p.m.68 views

CVE-2020-9994

A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to overwrite arbitrary files.

7.1CVSS6.4AI score0.00284EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.68 views

CVE-2021-30664

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing a maliciously crafted file may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00462EPSS
CVE
CVE
added 2021/09/08 2:15 p.m.68 views

CVE-2021-30752

Processing a maliciously crafted image may lead to arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An out-of-bounds read was addressed with improved input validation.

7.8CVSS8AI score0.00406EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.68 views

CVE-2021-30926

Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.6AI score0.00572EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.68 views

CVE-2021-30947

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to access a user's files.

5.5CVSS5.5AI score0.0029EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.68 views

CVE-2022-22584

A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. Processing a maliciously crafted file may lead to arbitrary code execution.

7.8CVSS8.3AI score0.00452EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.68 views

CVE-2022-32903

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS8AI score0.00192EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.68 views

CVE-2023-40384

A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read sensitive location information.

3.3CVSS3.7AI score0.0002EPSS
CVE
CVE
added 2024/01/23 1:15 a.m.68 views

CVE-2024-23223

A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access sensitive user data.

6.2CVSS5.7AI score0.00022EPSS
CVE
CVE
added 2024/03/08 2:15 a.m.68 views

CVE-2024-23293

This issue was addressed through improved state management. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An attacker with physical access may be able to use Siri to access sensitive user data.

4.6CVSS6AI score0.00084EPSS
CVE
CVE
added 2024/05/14 3:13 p.m.68 views

CVE-2024-27810

A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to read sensitive location information.

9.8CVSS5AI score0.00052EPSS
CVE
CVE
added 2025/03/31 11:15 p.m.68 views

CVE-2025-24230

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Playing a malicious audio file may lead to an unexpected app termination.

9.8CVSS5.7AI score0.0006EPSS
CVE
CVE
added 2014/12/10 9:59 p.m.67 views

CVE-2014-4466

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-...

7.5CVSS7.8AI score0.01006EPSS
CVE
CVE
added 2015/04/10 2:59 p.m.67 views

CVE-2015-1117

The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted...

6.9CVSS6.6AI score0.00126EPSS
CVE
CVE
added 2017/11/13 3:29 a.m.67 views

CVE-2017-13796

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.21364EPSS
CVE
CVE
added 2017/11/13 3:29 a.m.67 views

CVE-2017-13802

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.21364EPSS
CVE
CVE
added 2021/12/23 8:15 p.m.67 views

CVE-2017-13905

A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges.

8.1CVSS6.9AI score0.00607EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.67 views

CVE-2017-2407

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of se...

7.8CVSS8.6AI score0.00596EPSS
Total number of security vulnerabilities1896