Filtered by vendor Apple
Subscribe
Total
797 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-0318 | 3 Apple, Debian, Vim | 3 Macos, Debian Linux, Vim | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Heap-based Buffer Overflow in vim/vim prior to 8.2. | |||||
CVE-2021-30655 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
An application may be able to execute arbitrary code with system privileges. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. The issue was addressed with improved permissions logic. | |||||
CVE-2021-1834 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2021-1864 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An attacker with JavaScript execution may be able to execute arbitrary code. | |||||
CVE-2019-8703 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
This issue was addressed with improved entitlements. This issue is fixed in watchOS 6, tvOS 13, macOS Catalina 10.15, iOS 13. An application may be able to gain elevated privileges. | |||||
CVE-2021-1882 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to gain elevated privileges. | |||||
CVE-2021-1829 | 1 Apple | 1 Macos | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.3. An application may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2019-8643 | 1 Apple | 1 Mac Os X | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
CVE-2019-8643: Arun Sharma of VMWare This issue is fixed in macOS Mojave 10.14. Description: A logic issue was addressed with improved state management.. | |||||
CVE-2021-30820 | 1 Apple | 2 Ipados, Iphone Os | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8. A remote attacker may be able to cause arbitrary code execution. | |||||
CVE-2021-30678 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | |||||
CVE-2021-44790 | 7 Apache, Apple, Debian and 4 more | 14 Http Server, Mac Os X, Macos and 11 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. | |||||
CVE-2021-1770 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow may result in arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A logic issue was addressed with improved state management. | |||||
CVE-2021-34423 | 5 Apple, Google, Linux and 2 more | 31 Iphone Os, Macos, Android and 28 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS, and Windows) before version 5.8.3, Zoom VDI Windows Meeting Client before version 5.8.4, Zoom VDI Azure Virtual Desktop Plugins (for Windows x86 or x64, IGEL x64, Ubuntu x64, HP ThinPro OS x64) before version 5.8.4.21112, Zoom VDI Citrix Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom VDI VMware Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom Meeting SDK for Android before version 5.7.6.1922, Zoom Meeting SDK for iOS before version 5.7.6.1082, Zoom Meeting SDK for macOS before version 5.7.6.1340, Zoom Meeting SDK for Windows before version 5.7.6.1081, Zoom Video SDK (for Android, iOS, macOS, and Windows) before version 1.1.2, Zoom On-Premise Meeting Connector Controller before version 4.8.12.20211115, Zoom On-Premise Meeting Connector MMR before version 4.8.12.20211115, Zoom On-Premise Recording Connector before version 5.1.0.65.20211116, Zoom On-Premise Virtual Room Connector before version 4.4.7266.20211117, Zoom On-Premise Virtual Room Connector Load Balancer before version 2.5.5692.20211117, Zoom Hybrid Zproxy before version 1.0.1058.20211116, and Zoom Hybrid MMR before version 4.6.20211116.131_x86-64. This can potentially allow a malicious actor to crash the service or application, or leverage this vulnerability to execute arbitrary code. | |||||
CVE-2009-0947 | 1 Apple | 1 Files | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02. | |||||
CVE-2021-30856 | 1 Apple | 1 Macos | 2023-12-10 | 5.8 MEDIUM | 9.1 CRITICAL |
This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions. This issue is fixed in macOS Big Sur 11.3. A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences. | |||||
CVE-2021-30925 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
The issue was addressed with improved permissions logic. This issue is fixed in watchOS 8, macOS Big Sur 11.6, iOS 15 and iPadOS 15. A malicious application may be able to bypass Privacy preferences. | |||||
CVE-2021-1796 | 1 Apple | 2 Ipad Os, Iphone Os | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. | |||||
CVE-2021-30805 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2021-31009 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Multiple issues were addressed by removing HDF5. This issue is fixed in iOS 15.2 and iPadOS 15.2, macOS Monterey 12.1. Multiple issues in HDF5. | |||||
CVE-2021-1794 | 1 Apple | 2 Ipad Os, Iphone Os | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. |