Total
1629 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22614 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-11-02 | 9.3 HIGH | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-22638 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-11-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| A null pointer dereference was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An attacker in a privileged position may be able to perform a denial of service attack. | |||||
| CVE-2022-22640 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-10-24 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-1815 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-10-18 | 2.1 LOW | 5.5 MEDIUM |
| A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A local user may be able to modify protected parts of the file system. | |||||
| CVE-2020-10010 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2022-10-14 | 4.6 MEDIUM | 7.8 HIGH |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges. | |||||
| CVE-2019-8550 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2022-10-14 | 4.3 MEDIUM | 4.3 MEDIUM |
| An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing. | |||||
| CVE-2019-8764 | 2 Apple, Webkitgtk | 2 Watchos, Webkitgtk\+ | 2022-10-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. | |||||
| CVE-2020-27909 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-10-12 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution. | |||||
| CVE-2022-22633 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-10-11 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. | |||||
| CVE-2022-22592 | 1 Apple | 6 Ipados, Iphone, Macos and 3 more | 2022-09-09 | 4.3 MEDIUM | 6.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. | |||||
| CVE-2015-3415 | 5 Apple, Canonical, Debian and 2 more | 6 Mac Os X, Watchos, Ubuntu Linux and 3 more | 2022-08-16 | 7.5 HIGH | N/A |
| The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement. | |||||
| CVE-2015-3414 | 5 Apple, Canonical, Debian and 2 more | 6 Mac Os X, Watchos, Ubuntu Linux and 3 more | 2022-08-16 | 7.5 HIGH | N/A |
| SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement. | |||||
| CVE-2015-3416 | 5 Apple, Canonical, Debian and 2 more | 6 Mac Os X, Watchos, Ubuntu Linux and 3 more | 2022-08-16 | 7.5 HIGH | N/A |
| The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement. | |||||
| CVE-2020-9951 | 3 Apple, Debian, Webkit | 9 Icloud, Ipados, Iphone Os and 6 more | 2022-07-23 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-1822 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A local user may be able to modify protected parts of the file system. | |||||
| CVE-2021-1807 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2022-07-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4. A local user may be able to write arbitrary files. | |||||
| CVE-2021-30798 | 1 Apple | 3 Iphone Os, Macos, Watchos | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences. | |||||
| CVE-2021-30776 | 1 Apple | 5 Iphone Os, Mac Os X, Macos and 2 more | 2022-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination. | |||||
| CVE-2020-3917 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks. | |||||
| CVE-2021-1820 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-07-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. | |||||