Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
3473 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-1736 | 1 Apple | 2 Mac Os X, Macos | 2024-08-03 | 7.8 High |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
CVE-2021-1754 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-08-03 | 7.8 High |
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
CVE-2021-1753 | 1 Apple | 4 Ipad Os, Iphone Os, Mac Os X and 1 more | 2024-08-03 | 7.8 High |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
CVE-2021-1739 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-08-03 | 5.5 Medium |
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify protected parts of the file system. | ||||
CVE-2021-1737 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-08-03 | 7.8 High |
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
CVE-2021-1741 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-08-03 | 7.8 High |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
CVE-2022-48683 | 1 Apple | 1 Macos | 2024-08-03 | 8.6 High |
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13. An app may be able to break out of its sandbox. | ||||
CVE-2022-48577 | 1 Apple | 1 Macos | 2024-08-03 | 5.5 Medium |
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data. | ||||
CVE-2022-48505 | 1 Apple | 1 Macos | 2024-08-03 | 5.5 Medium |
This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system | ||||
CVE-2022-48504 | 1 Apple | 1 Macos | 2024-08-03 | 5.5 Medium |
The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data. | ||||
CVE-2022-48481 | 2 Apple, Jetbrains | 2 Macos, Toolbox | 2024-08-03 | 5.2 Medium |
In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible | ||||
CVE-2022-48503 | 2 Apple, Redhat | 7 Ipados, Iphone Os, Macos and 4 more | 2024-08-03 | 8.8 High |
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution. | ||||
CVE-2022-47965 | 1 Apple | 1 Macos | 2024-08-03 | 7.8 High |
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | ||||
CVE-2022-47915 | 1 Apple | 1 Macos | 2024-08-03 | 7.8 High |
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | ||||
CVE-2022-46828 | 2 Apple, Jetbrains | 2 Macos, Intellij Idea | 2024-08-03 | 5.2 Medium |
In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible. | ||||
CVE-2022-46720 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-08-03 | 8.6 High |
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to break out of its sandbox | ||||
CVE-2022-46875 | 2 Apple, Mozilla | 4 Macos, Firefox, Firefox Esr and 1 more | 2024-08-03 | 6.5 Medium |
The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. | ||||
CVE-2022-46718 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-08-03 | 5.5 Medium |
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to read sensitive location information | ||||
CVE-2022-46701 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-08-03 | 7.8 High |
The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges. | ||||
CVE-2022-46696 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-08-03 | 8.8 High |
A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. |