Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
3473 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-42800 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-08-03 | 7.8 High |
This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A user may be able to cause unexpected app termination or arbitrary code execution. | ||||
CVE-2022-42791 | 1 Apple | 2 Iphone Os, Macos | 2024-08-03 | 7.0 High |
A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | ||||
CVE-2022-42809 | 1 Apple | 1 Macos | 2024-08-03 | 7.8 High |
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution. | ||||
CVE-2022-42825 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-08-03 | 5.5 Medium |
This issue was addressed by removing additional entitlements. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file system. | ||||
CVE-2022-42789 | 1 Apple | 1 Macos | 2024-08-03 | 5.5 Medium |
An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data. | ||||
CVE-2022-42806 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-08-03 | 7.0 High |
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | ||||
CVE-2022-42808 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-08-03 | 9.8 Critical |
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. A remote user may be able to cause kernel code execution. | ||||
CVE-2022-42814 | 1 Apple | 1 Macos | 2024-08-03 | 5.5 Medium |
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data. | ||||
CVE-2022-42810 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-08-03 | 5.5 Medium |
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing a maliciously crafted USD file may disclose memory contents. | ||||
CVE-2022-42833 | 1 Apple | 1 Macos | 2024-08-03 | 7.8 High |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | ||||
CVE-2022-42818 | 1 Apple | 1 Macos | 2024-08-03 | 5.9 Medium |
This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. A user in a privileged network position may be able to track user activity. | ||||
CVE-2022-42788 | 1 Apple | 1 Macos | 2024-08-03 | 5.5 Medium |
A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in macOS Ventura 13. A malicious application may be able to read sensitive location information. | ||||
CVE-2022-42796 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-08-03 | 7.8 High |
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges. | ||||
CVE-2022-42793 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-08-03 | 5.5 Medium |
An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. An app may be able to bypass code signing checks. | ||||
CVE-2022-42795 | 1 Apple | 4 Iphone Os, Macos, Tvos and 1 more | 2024-08-03 | 8.8 High |
A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 16, iOS 16, macOS Ventura 13, watchOS 9. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
CVE-2022-42790 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-08-03 | 5.5 Medium |
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. A user may be able to view restricted content from the lock screen. | ||||
CVE-2022-41950 | 3 Apple, Linux, Super Xray Project | 3 Macos, Linux Kernel, Super Xray | 2024-08-03 | 6.4 Medium |
super-xray is the GUI alternative for vulnerability scanning tool xray. In 0.2-beta, a privilege escalation vulnerability was discovered. This caused inaccurate default xray permissions. Note: this vulnerability only affects Linux and Mac OS systems. Users should upgrade to super-xray 0.3-beta. | ||||
CVE-2022-40303 | 4 Apple, Netapp, Redhat and 1 more | 25 Ipados, Iphone Os, Macos and 22 more | 2024-08-03 | 7.5 High |
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault. | ||||
CVE-2022-40304 | 4 Apple, Netapp, Redhat and 1 more | 25 Ipados, Iphone Os, Macos and 22 more | 2024-08-03 | 7.8 High |
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. | ||||
CVE-2022-38166 | 3 Apple, F-secure, Microsoft | 3 Macos, Elements Endpoint Protection, Windows | 2024-08-03 | 7.5 High |
In F-Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerable remotely by an attacker for denial of service. |