Filtered by vendor Apple
Subscribe
Total
2028 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-32424 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2024-01-18 | N/A | 5.5 MEDIUM |
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4, watchOS 9.4. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations. | |||||
CVE-2023-40385 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-01-18 | N/A | 6.5 MEDIUM |
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. A remote attacker may be able to view leaked DNS queries with Private Relay turned on. | |||||
CVE-2023-28185 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-01-17 | N/A | 5.5 MEDIUM |
An integer overflow was addressed through improved input validation. This issue is fixed in tvOS 16.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to cause a denial-of-service. | |||||
CVE-2023-41069 | 1 Apple | 2 Ipados, Iphone Os | 2024-01-17 | N/A | 5.5 MEDIUM |
This issue was addressed by improving Face ID anti-spoofing models. This issue is fixed in iOS 17 and iPadOS 17. A 3D model constructed to look like the enrolled user may authenticate via Face ID. | |||||
CVE-2023-42829 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to access SSH passphrases. | |||||
CVE-2023-42862 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-01-17 | N/A | 6.5 MEDIUM |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory. | |||||
CVE-2023-42831 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to fingerprint the user. | |||||
CVE-2023-42865 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-01-17 | N/A | 6.5 MEDIUM |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory. | |||||
CVE-2023-40437 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to read sensitive location information. | |||||
CVE-2023-40433 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks. | |||||
CVE-2022-32919 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-17 | N/A | 4.7 MEDIUM |
The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing. | |||||
CVE-2022-32931 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app with root privileges may be able to access private information. | |||||
CVE-2023-38607 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14. An app may be able to modify Printer settings. | |||||
CVE-2022-48577 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data. | |||||
CVE-2022-48504 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data. | |||||
CVE-2022-46710 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Location data may be shared via iCloud links even if Location metadata is disabled via the Share Sheet. | |||||
CVE-2024-20715 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-17 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20714 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-17 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-42941 | 1 Apple | 2 Ipados, Iphone Os | 2024-01-16 | N/A | 4.8 MEDIUM |
The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker in a privileged network position may be able to perform a denial-of-service attack using crafted Bluetooth packets. | |||||
CVE-2023-42934 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-16 | N/A | 4.2 MEDIUM |
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app with root privileges may be able to access private information. |