Lucene search

K

1587 matches found

CVE
CVE
added 2022/11/01 8:15 p.m.62 views

CVE-2022-32913

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.

3.3CVSS4.8AI score0.00064EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.62 views

CVE-2023-40420

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to a denial-of-service.

6.5CVSS5.8AI score0.00218EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.62 views

CVE-2023-40454

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to delete files for which it does not have permission.

7.1CVSS6.1AI score0.00027EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.62 views

CVE-2023-41065

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to read sensitive location information.

3.3CVSS3.7AI score0.00026EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.62 views

CVE-2023-41070

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access sensitive data logged when a user shares a link.

5.5CVSS4.9AI score0.00039EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.62 views

CVE-2023-41071

A use-after-free issue was addressed with improved memory management. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Ventura 13.6. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.00036EPSS
CVE
CVE
added 2024/03/28 4:15 p.m.62 views

CVE-2023-42893

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to access protected ...

5.5CVSS5.8AI score0.00011EPSS
CVE
CVE
added 2024/01/23 1:15 a.m.62 views

CVE-2024-23215

An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access user-sensitive data.

5.5CVSS5.3AI score0.00023EPSS
CVE
CVE
added 2024/01/23 1:15 a.m.62 views

CVE-2024-23218

A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the ...

5.9CVSS5.7AI score0.00172EPSS
CVE
CVE
added 2024/06/10 9:15 p.m.62 views

CVE-2024-27815

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.2AI score0.17999EPSS
CVE
CVE
added 2024/07/29 11:15 p.m.62 views

CVE-2024-27884

This issue was addressed with a new entitlement. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, visionOS 1.2, tvOS 17.5, iOS 17.5 and iPadOS 17.5. An app may be able to access user-sensitive data.

5.5CVSS5.8AI score0.00042EPSS
CVE
CVE
added 2024/07/29 11:15 p.m.62 views

CVE-2024-40795

This issue was addressed with improved data protection. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, tvOS 17.6. An app may be able to read sensitive location information.

3.3CVSS5.5AI score0.00044EPSS
CVE
CVE
added 2024/12/12 2:15 a.m.62 views

CVE-2024-54526

The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. A malicious app may be able to access private information.

5.5CVSS5.6AI score0.00047EPSS
CVE
CVE
added 2015/10/23 9:59 p.m.61 views

CVE-2015-5925

The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5926.

6.8CVSS7.5AI score0.01866EPSS
CVE
CVE
added 2016/06/26 1:59 a.m.61 views

CVE-2015-7988

The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.

9.8CVSS9.7AI score0.03714EPSS
CVE
CVE
added 2016/07/22 2:59 a.m.61 views

CVE-2016-4607

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors...

9.8CVSS9.2AI score
CVE
CVE
added 2017/02/20 8:59 a.m.61 views

CVE-2016-4673

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "CoreGraphics" component. It allows remote attackers to execute arbitrary code or cause a denial o...

7.8CVSS8.1AI score0.00732EPSS
CVE
CVE
added 2016/09/25 10:59 a.m.61 views

CVE-2016-4725

IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site.

8.1CVSS7.7AI score0.01307EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.61 views

CVE-2018-4094

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of s...

7.8CVSS8.6AI score0.00516EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.61 views

CVE-2018-4343

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

9.3CVSS7.9AI score0.03814EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.61 views

CVE-2020-3916

An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, watchOS 6.2. Setting an alternate app icon may disclose a photo without needing permission to access photos.

5.3CVSS5.6AI score0.00206EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.61 views

CVE-2020-9974

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to determine kernel memory layout.

5.5CVSS4.9AI score0.00349EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.61 views

CVE-2022-32835

This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier.

3.3CVSS4.6AI score0.00067EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.61 views

CVE-2022-32899

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.9AI score0.0011EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.61 views

CVE-2022-32932

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS8AI score0.00188EPSS
CVE
CVE
added 2023/06/23 6:15 p.m.61 views

CVE-2023-28202

This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app firewall setting may not take effect after exiting the Settings app.

5.5CVSS5.1AI score0.00025EPSS
CVE
CVE
added 2023/06/23 6:15 p.m.61 views

CVE-2023-32392

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to read sensitive location information.

5.5CVSS5.5AI score0.00023EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.61 views

CVE-2023-40410

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to disclose kernel memory.

5.5CVSS4.9AI score0.00027EPSS
CVE
CVE
added 2024/07/29 11:15 p.m.61 views

CVE-2024-40774

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. An app may be able to bypass Privacy preferences.

7.1CVSS5.8AI score0.00032EPSS
CVE
CVE
added 2025/01/27 10:15 p.m.61 views

CVE-2025-24086

The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing an image may lead to a denial-of-service.

5.5CVSS5.8AI score0.00022EPSS
CVE
CVE
added 2016/03/24 1:59 a.m.60 views

CVE-2016-1740

FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.

9.3CVSS7.4AI score0.0135EPSS
CVE
CVE
added 2016/09/25 10:59 a.m.60 views

CVE-2016-4737

WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

9.3CVSS9.1AI score0.01841EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.60 views

CVE-2016-7657

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app.

4.3CVSS3.4AI score0.00201EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.60 views

CVE-2016-7660

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "syslog" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.

7.8CVSS5.9AI score0.00183EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.60 views

CVE-2017-2352

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Unlock with iPhone" component, which allows attackers to bypass the wrist-presence protection mechanism and unlock a Watch device via unspecified vectors.

4.6CVSS4.3AI score0.00073EPSS
CVE
CVE
added 2017/10/23 1:29 a.m.60 views

CVE-2017-7129

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (ap...

9.8CVSS8.6AI score0.01729EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.60 views

CVE-2019-8547

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update ...

9.8CVSS7AI score0.01002EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.60 views

CVE-2019-8593

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges.

9.3CVSS8.3AI score0.00384EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.60 views

CVE-2020-3834

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.6AI score0.00374EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.60 views

CVE-2020-9768

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to execute arbitrary code with system privileges.

9.3CVSS7.9AI score0.00477EPSS
CVE
CVE
added 2020/10/16 5:15 p.m.60 views

CVE-2020-9878

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.

7.8CVSS8.2AI score0.014EPSS
CVE
CVE
added 2020/10/22 7:15 p.m.60 views

CVE-2020-9985

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.

7.8CVSS8.3AI score0.00865EPSS
CVE
CVE
added 2023/09/27 3:18 p.m.60 views

CVE-2023-35990

The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. An app may be able to identify what other apps a user has installed.

3.3CVSS3.7AI score0.00046EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.60 views

CVE-2023-40419

The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to gain elevated privileges.

7.8CVSS6.6AI score0.00024EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.60 views

CVE-2023-40424

The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access user-sensitive data.

5.5CVSS4.9AI score0.00069EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.60 views

CVE-2023-40448

The issue was addressed with improved handling of protocols. This issue is fixed in tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. A remote attacker may be able to break out of Web Content sandbox.

8.6CVSS7.4AI score0.01544EPSS
CVE
CVE
added 2024/01/23 1:15 a.m.60 views

CVE-2023-42937

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data.

5.5CVSS5.6AI score0.00021EPSS
CVE
CVE
added 2024/07/29 11:15 p.m.60 views

CVE-2024-27823

A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, macOS Ventura 13.6.7, watchOS 10.5, visionOS 1.3, tvOS 17.5, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5. An attacker in a privileged network position may be able to spo...

5.9CVSS5.6AI score0.00267EPSS
CVE
CVE
added 2024/07/29 11:15 p.m.60 views

CVE-2024-40785

This issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to a cross site scripting attack.

6.1CVSS5.3AI score0.00846EPSS
CVE
CVE
added 2024/07/29 11:15 p.m.60 views

CVE-2024-40809

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, visionOS 1.3, macOS Sonoma 14.6. A shortcut may be able to bypass Internet permission requirements.

7.8CVSS5.7AI score0.00075EPSS
Total number of security vulnerabilities1587