Filtered by vendor Apple
Subscriptions
Total
12098 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-42797 | 1 Apple | 1 Xcode | 2025-03-11 | 7.8 High |
| An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges. | ||||
| CVE-2022-42826 | 3 Apple, Redhat, Webkitgtk | 6 Ipados, Iphone Os, Macos and 3 more | 2025-03-11 | 8.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2022-42833 | 1 Apple | 1 Macos | 2025-03-11 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-42838 | 1 Apple | 1 Macos | 2025-03-11 | 3.3 Low |
| An issue with app access to camera data was addressed with improved logic. This issue is fixed in macOS Ventura 13. A camera extension may be able to continue receiving video after the app which activated was closed. | ||||
| CVE-2022-46712 | 1 Apple | 1 Macos | 2025-03-11 | 7.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13. An app may be able to cause unexpected system termination or potentially execute code with kernel privileges. | ||||
| CVE-2022-46713 | 1 Apple | 1 Macos | 2025-03-11 | 4.7 Medium |
| A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file system. | ||||
| CVE-2023-23500 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-11 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to leak sensitive kernel state. | ||||
| CVE-2023-23499 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-11 | 5.5 Medium |
| This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to access user-sensitive data. | ||||
| CVE-2023-23497 | 1 Apple | 1 Macos | 2025-03-11 | 7.8 High |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to gain root privileges. | ||||
| CVE-2023-23496 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-03-11 | 8.8 High |
| The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2022-46723 | 1 Apple | 1 Macos | 2025-03-11 | 9.8 Critical |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A remote user may be able to write arbitrary files. | ||||
| CVE-2023-23493 | 1 Apple | 1 Macos | 2025-03-11 | 3.3 Low |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password. | ||||
| CVE-2023-23498 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-11 | 3.3 Low |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.3 and iPadOS 15.7.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account. | ||||
| CVE-2023-23511 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-11 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to bypass Privacy preferences. | ||||
| CVE-2023-23512 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-11 | 6.5 Medium |
| The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Visiting a website may lead to an app denial-of-service. | ||||
| CVE-2023-28203 | 1 Apple | 1 Music | 2025-03-07 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in Apple Music 4.2.0 for Android. An app may be able to access contacts. | ||||
| CVE-2023-44487 | 32 Akka, Amazon, Apache and 29 more | 364 Http Server, Opensearch Data Prepper, Apisix and 361 more | 2025-03-07 | 7.5 High |
| The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | ||||
| CVE-2023-34046 | 2 Apple, Vmware | 2 Mac Os X, Fusion | 2025-03-07 | 6.7 Medium |
| VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed or being installed for the first time. | ||||
| CVE-2023-34045 | 2 Apple, Vmware | 2 Mac Os X, Fusion | 2025-03-07 | 6.6 Medium |
| VMware Fusion(13.x prior to 13.5) contains a local privilege escalation vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed or being installed for the first time. | ||||
| CVE-2023-34057 | 2 Apple, Vmware | 2 Macos, Tools | 2025-03-06 | 7.8 High |
| VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine. | ||||