Filtered by vendor Apple
Subscribe
Search
Total
10011 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26725 | 1 Apple | 1 Macos | 2022-06-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. Photo location information may persist after it is removed with Preview Inspector. | |||||
| CVE-2022-26726 | 1 Apple | 3 Mac Os X, Macos, Watchos | 2022-06-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user's screen. | |||||
| CVE-2022-26706 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-06-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| An access issue was addressed with additional sandbox restrictions on third-party applications. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A sandboxed process may be able to circumvent sandbox restrictions. | |||||
| CVE-2022-26711 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | |||||
| CVE-2022-26727 | 1 Apple | 2 Mac Os X, Macos | 2022-06-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. A malicious application may be able to modify protected parts of the file system. | |||||
| CVE-2022-26771 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26773 | 1 Apple | 1 Itunes | 2022-06-07 | 5.8 MEDIUM | 7.1 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application may be able to delete files for which it does not have permission. | |||||
| CVE-2022-26772 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26740 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26739 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26743 | 1 Apple | 1 Macos | 2022-06-07 | 6.9 MEDIUM | 7.0 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.4. An attacker that has already achieved code execution in macOS Recovery may be able to escalate to kernel privileges. | |||||
| CVE-2022-26741 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26742 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26746 | 1 Apple | 2 Mac Os X, Macos | 2022-06-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences. | |||||
| CVE-2022-26745 | 1 Apple | 1 Macos | 2022-06-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.6. A malicious application may disclose restricted memory. | |||||
| CVE-2022-26744 | 1 Apple | 2 Ipados, Iphone Os | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26748 | 1 Apple | 2 Mac Os X, Macos | 2022-06-07 | 6.8 MEDIUM | 8.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-26749 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26747 | 1 Apple | 1 Xcode | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in Xcode 13.4. An app may be able to gain elevated privileges. | |||||
| CVE-2022-26755 | 1 Apple | 2 Mac Os X, Macos | 2022-06-07 | 4.3 MEDIUM | 6.3 MEDIUM |
| This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox. | |||||
| CVE-2022-26750 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26751 | 1 Apple | 5 Ipados, Iphone Os, Itunes and 2 more | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2022-26753 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26752 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26754 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-5013 | 2 Apple, Wacom | 2 Macos, Driver | 2022-06-07 | 7.2 HIGH | 7.8 HIGH |
| An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this vulnerability to raise load arbitrary launchD agents. An attacker would need local access to the machine for a successful exploit. | |||||
| CVE-2019-5012 | 2 Apple, Wacom | 2 Macos, Driver | 2022-06-07 | 7.2 HIGH | 7.8 HIGH |
| An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine for a successful exploit. | |||||
| CVE-2020-13524 | 2 Apple, Pixar | 3 Mac Os X, Macos, Openusd | 2022-06-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file. | |||||
| CVE-2020-13520 | 2 Apple, Pixar | 2 Macos, Openusd | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files. A specially crafted malformed file can trigger an out of bounds memory modification which can result in remote code execution. To trigger this vulnerability, victim needs to access an attacker-provided malformed file. | |||||
| CVE-2022-26712 | 1 Apple | 1 Macos | 2022-06-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to modify protected parts of the file system. | |||||
| CVE-2022-26728 | 1 Apple | 2 Mac Os X, Macos | 2022-06-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files. | |||||
| CVE-2022-26736 | 1 Apple | 4 Ipad Os, Iphone Os, Macos and 1 more | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26737 | 1 Apple | 4 Ipad Os, Iphone Os, Macos and 1 more | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26738 | 1 Apple | 4 Ipad Os, Iphone Os, Macos and 1 more | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2010-0129 | 3 Adobe, Apple, Microsoft | 3 Shockwave Player, Macos, Windows | 2022-06-07 | 9.3 HIGH | 8.8 HIGH |
| Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir (aka Director) file that triggers an array index error. | |||||
| CVE-2022-28874 | 4 Apple, F-secure, Microsoft and 1 more | 7 Macos, Atlant, Elements Endpoint Protection and 4 more | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| Multiple Denial-of-Service vulnerabilities was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files cause memory corruption and heap buffer overflow which eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker. | |||||
| CVE-2020-3878 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2022-06-05 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2020-9967 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-06-04 | 9.3 HIGH | 7.8 HIGH |
| Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. | |||||
| CVE-2020-9842 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2022-06-04 | 5.8 MEDIUM | 7.1 HIGH |
| An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform privileged actions. | |||||
| CVE-2011-4372 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Reader, Macos and 1 more | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373. | |||||
| CVE-2011-4373 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Reader, Macos and 1 more | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372. | |||||
| CVE-2021-1738 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2022-06-03 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-1772 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-06-03 | 6.8 MEDIUM | 7.8 HIGH |
| A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted text file may lead to arbitrary code execution. | |||||
| CVE-2022-26724 | 1 Apple | 1 Tvos | 2022-06-03 | 2.1 LOW | 5.5 MEDIUM |
| An authentication issue was addressed with improved state management. This issue is fixed in tvOS 15.5. A local user may be able to enable iCloud Photos without authentication. | |||||
| CVE-2021-1737 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2022-06-03 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2022-26694 | 1 Apple | 1 Macos | 2022-06-03 | 6.4 MEDIUM | 9.1 CRITICAL |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. A plug-in may be able to inherit the application's permissions and access user data. | |||||
| CVE-2022-26693 | 1 Apple | 1 Macos | 2022-06-03 | 6.4 MEDIUM | 9.1 CRITICAL |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. A plug-in may be able to inherit the application's permissions and access user data. | |||||
| CVE-2022-22673 | 1 Apple | 2 Ipados, Iphone Os | 2022-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| This issue was addressed with improved checks. This issue is fixed in iOS 15.5 and iPadOS 15.5. Processing a large input may lead to a denial of service. | |||||
| CVE-2020-9817 | 1 Apple | 1 Mac Os X | 2022-06-02 | 9.3 HIGH | 7.8 HIGH |
| A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to gain root privileges. | |||||
| CVE-2020-9889 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2022-06-02 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution. | |||||