Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
5463 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-42925 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-20 | 3.3 Low |
| The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access Notes attachments. | ||||
| CVE-2023-32423 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-03-20 | 6.5 Medium |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. | ||||
| CVE-2023-42957 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-03-19 | 3.3 Low |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10. An app may be able to read sensitive location information. | ||||
| CVE-2023-40396 | 1 Apple | 7 Ios, Ipad Os, Ipados and 4 more | 2025-03-19 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-32933 | 2 Apple, Redhat | 3 Macos, Enterprise Linux, Rhel Els | 2025-03-18 | 5.3 Medium |
| An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari private browsing mode. | ||||
| CVE-2023-23530 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-18 | 8.6 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | ||||
| CVE-2023-23524 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-18 | 7.5 High |
| A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service. | ||||
| CVE-2023-42948 | 1 Apple | 1 Macos | 2025-03-17 | 3.3 Low |
| This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14. A Wi-Fi password may not be deleted when activating a Mac in macOS Recovery. | ||||
| CVE-2023-42943 | 1 Apple | 1 Macos | 2025-03-15 | 5.5 Medium |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14. An app may be able to read sensitive location information. | ||||
| CVE-2023-30774 | 3 Apple, Libtiff, Redhat | 3 Macos, Libtiff, Enterprise Linux | 2025-03-14 | 5.5 Medium |
| A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values. | ||||
| CVE-2024-22267 | 2 Apple, Vmware | 4 Macos, Fusion, Vmware Workstation and 1 more | 2025-03-14 | 9.3 Critical |
| VMware Workstation and Fusion contain a use-after-free vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | ||||
| CVE-2023-42958 | 1 Apple | 1 Macos | 2025-03-13 | 7.8 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.4. An app may be able to gain elevated privileges. | ||||
| CVE-2023-40398 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-13 | 8.8 High |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.4, macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A sandboxed process may be able to circumvent sandbox restrictions. | ||||
| CVE-2023-26020 | 4 Apple, Craftercms, Linux and 1 more | 4 Macos, Crafter Cms, Linux Kernel and 1 more | 2025-03-12 | 5.7 Medium |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26. | ||||
| CVE-2023-23503 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-12 | 5.5 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to bypass Privacy preferences. | ||||
| CVE-2023-23502 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-12 | 5.5 Medium |
| An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to determine kernel memory layout. | ||||
| CVE-2022-32896 | 1 Apple | 1 Macos | 2025-03-12 | 5.5 Medium |
| This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able to view sensitive user information. | ||||
| CVE-2022-22668 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-12 | 5.5 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious application may be able to leak sensitive user information. | ||||
| CVE-2023-23501 | 1 Apple | 1 Macos | 2025-03-12 | 5.5 Medium |
| The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory. | ||||
| CVE-2020-9846 | 1 Apple | 1 Macos | 2025-03-11 | 5.3 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs. | ||||