Search
Total
17 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-41993 | 3 Apple, Debian, Fedoraproject | 6 Ipados, Iphone Os, Macos and 3 more | 2024-01-10 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 16.7 and iPadOS 16.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. | |||||
| CVE-2023-40400 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-12-22 | N/A | 9.8 CRITICAL |
| This issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. A remote user may cause an unexpected app termination or arbitrary code execution. | |||||
| CVE-2023-32412 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-07-27 | N/A | 9.8 CRITICAL |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause unexpected app termination or arbitrary code execution. | |||||
| CVE-2023-32419 | 1 Apple | 2 Ipados, Iphone Os | 2023-07-27 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause arbitrary code execution. | |||||
| CVE-2023-23526 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-07-27 | N/A | 9.8 CRITICAL |
| This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper. | |||||
| CVE-2022-26711 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | |||||
| CVE-2020-3909 | 2 Apple, Oracle | 8 Icloud, Ipados, Iphone Os and 5 more | 2022-06-02 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. | |||||
| CVE-2018-25014 | 5 Apple, Debian, Netapp and 2 more | 6 Ipados, Iphone Os, Debian Linux and 3 more | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2018-25011 | 5 Apple, Debian, Netapp and 2 more | 6 Ipados, Iphone Os, Debian Linux and 3 more | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow was found in PutLE16(). The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2020-36330 | 5 Apple, Debian, Netapp and 2 more | 6 Ipados, Iphone Os, Debian Linux and 3 more | 2021-11-30 | 6.4 MEDIUM | 9.1 CRITICAL |
| A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. | |||||
| CVE-2021-30820 | 1 Apple | 2 Ipados, Iphone Os | 2021-10-20 | 7.5 HIGH | 9.8 CRITICAL |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8. A remote attacker may be able to cause arbitrary code execution. | |||||
| CVE-2021-1882 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2021-09-20 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to gain elevated privileges. | |||||
| CVE-2021-1864 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2021-09-16 | 7.5 HIGH | 9.8 CRITICAL |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An attacker with JavaScript execution may be able to execute arbitrary code. | |||||
| CVE-2021-1770 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2021-09-16 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow may result in arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A logic issue was addressed with improved state management. | |||||
| CVE-2020-3911 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2020-04-02 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. | |||||
| CVE-2020-3910 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2020-04-02 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. | |||||
| CVE-2019-8779 | 1 Apple | 2 Ipados, Iphone Os | 2019-12-26 | 7.5 HIGH | 10.0 CRITICAL |
| A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions. | |||||