Skip to main content

Apple

8072 CVEs vendor

Monthly

CVE-2024-23745 CRITICAL POC Act Now

In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Command Injection Web Clipper
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2024-23740 CRITICAL Act Now

An issue in Kap for macOS version 3.6.0 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Kap
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-23742 CRITICAL Act Now

An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Apple Loom
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2024-23741 CRITICAL Act Now

An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Apple Hyper
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2024-23739 CRITICAL POC Act Now

An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple RCE Discord
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2024-23743 LOW POC Monitor

Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Apple Node.js RCE Notion
NVD GitHub
CVSS 3.1
3.3
EPSS
0.4%
CVE-2024-23738 CRITICAL POC Act Now

An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple RCE Postman
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-23655 MEDIUM POC This Month

Tuta is an encrypted email service. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Information Disclosure Tutanota
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2024-0804 HIGH This Week

Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Google Chrome Fedora
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-0752 MEDIUM This Month

A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption Denial Of Service Mozilla Apple +1
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-23224 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-23223 MEDIUM This Month

A privacy issue was addressed with improved handling of files. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2024-23222 HIGH POC KEV THREAT Act Now

Arbitrary code execution in Apple WebKit affects Safari and the system browser engine across iOS, iPadOS, macOS, tvOS, and visionOS, where a type confusion flaw allows attackers to execute code via maliciously crafted web content. The vulnerability is confirmed actively exploited (CISA KEV) and was used in the Coruna exploit chain against older iOS devices before being backported to legacy versions. EPSS sits at 0.62% (70th percentile), consistent with targeted exploitation rather than mass scanning.

Apple RCE Memory Corruption
NVD VulDB GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-23219 MEDIUM This Month

The issue was addressed with improved authentication. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os
NVD VulDB
CVSS 3.1
6.2
EPSS
0.1%
CVE-2024-23218 MEDIUM This Month

A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD VulDB
CVSS 3.1
5.9
EPSS
0.2%
CVE-2024-23217 LOW Monitor

A privacy issue was addressed with improved handling of temporary files. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os macOS +1
NVD VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2024-23215 MEDIUM This Month

An issue was addressed with improved handling of temporary files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-23214 HIGH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Memory Corruption Buffer Overflow Ipados +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-23213 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow Safari Ipados +4
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-23212 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-23211 LOW Monitor

A privacy issue was addressed with improved handling of user preferences. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari Ipados Iphone Os +2
NVD VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2024-23210 LOW Monitor

This issue was addressed with improved redaction of sensitive information. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2024-23209 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-23208 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Code Injection Ipados Iphone Os +3
NVD VulDB
CVSS 3.1
7.8
EPSS
3.0%
CVE-2024-23207 MEDIUM This Month

This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-23206 MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari Ipados Iphone Os +3
NVD VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-23204 HIGH This Week

The issue was addressed with additional permissions checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-23203 HIGH This Week

The issue was addressed with additional permissions checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-0606 MEDIUM This Month

An attacker could execute unauthorized script on a legitimate site through UXSS using window.open() by opening a javascript URI leading to unauthorized actions within the user's loaded webpage. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple XSS Firefox Focus
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-0605 HIGH This Week

Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Race Condition RCE Firefox Focus
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-42941 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 4.8). No vendor patch available.

Denial Of Service Apple Ipados Iphone Os iOS
NVD
CVSS 3.1
4.8
EPSS
0.1%
CVE-2023-42934 MEDIUM This Month

An information disclosure issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD
CVSS 3.1
4.2
EPSS
0.1%
CVE-2023-42933 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-42929 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-42876 HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2023-42872 MEDIUM This Month

The issue was addressed with additional permissions checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari Ipados Iphone Os +2
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-42871 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-42870 HIGH This Week

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Apple Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-42869 HIGH This Week

Multiple memory corruption issues were addressed with improved input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Apple Ipados Iphone Os +2
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2023-42866 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Safari Ipados Iphone Os +4
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-42865 MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +4
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-42862 MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +4
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-42833 HIGH This Week

A correctness issue was addressed with improved checks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Code Injection Safari Ipados +3
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-42832 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure macOS
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2023-42831 MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-42830 LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2023-42829 MEDIUM This Month

The issue was addressed with additional restrictions on the observability of app states. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-42828 HIGH This Week

This issue was addressed by removing the vulnerable code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-42826 HIGH This Week

The issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-41994 MEDIUM This Month

A logic issue was addressed with improved checks This issue is fixed in macOS Sonoma 14. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-41987 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-41974 HIGH POC KEV THREAT Act Now

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Memory Corruption RCE Use After Free Apple Ipados +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
Threat
4.6
CVE-2023-41075 HIGH This Week

A type confusion issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Ipados Iphone Os +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-41069 MEDIUM This Month

This issue was addressed by improving Face ID anti-spoofing models. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados Iphone Os iOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-41060 HIGH This Week

A type confusion issue was addressed with improved checks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Ipados Iphone Os +2
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2023-40529 LOW Monitor

This issue was addressed with improved redaction of sensitive information. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os iOS
NVD
CVSS 3.1
2.4
EPSS
0.1%
CVE-2023-40439 LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Path Traversal Ipados Iphone Os macOS +1
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2023-40438 MEDIUM This Month

An issue was addressed with improved handling of temporary files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-40437 MEDIUM This Month

A privacy issue was addressed with improved private data redaction for log entries. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-40433 MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-40430 MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-40414 CRITICAL Act Now

A use-after-free issue was addressed with improved memory management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Apple Safari +6
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2023-40411 MEDIUM This Month

This issue was addressed with improved data protection. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-40394 LOW Monitor

The issue was addressed with improved validation of environment variables. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os iOS
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2023-40393 HIGH This Week

An authentication issue was addressed with improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS iOS
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-40385 MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari Ipados Iphone Os +2
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-40383 LOW Monitor

A path handling issue was addressed with improved validation. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Path Traversal macOS
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2023-38612 LOW Monitor

The issue was addressed with improved checks. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2023-38610 HIGH This Week

A memory corruption issue was addressed by removing the vulnerable code. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Apple Ipados Iphone Os +2
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2023-38607 MEDIUM This Month

The issue was addressed with improved handling of caches. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-32436 HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2023-32424 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os Watchos +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-32401 HIGH This Week

A buffer overflow was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Microsoft macOS
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-32383 HIGH This Week

This issue was addressed by forcing hardened runtime on the affected binaries at the system level. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Code Injection macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-32378 HIGH This Week

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-32366 HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28197 LOW Monitor

An access issue was addressed with additional sandbox restrictions. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Information Disclosure macOS
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2023-28185 MEDIUM This Month

An integer overflow was addressed through improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apple Ipados Iphone Os +4
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2022-48577 MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-48504 MEDIUM This Month

The issue was addressed with improved handling of caches. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-47965 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-47915 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-46721 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-46710 MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-42839 LOW Monitor

This issue was addressed with improved redaction of sensitive information. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +1
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-42816 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2022-32931 MEDIUM This Month

This issue was addressed with improved data protection. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-32919 MEDIUM This Month

The issue was addressed with improved UI handling. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Ipados Iphone Os macOS +1
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-21668 npm MEDIUM PATCH Monitor

react-native-mmkv is a library that allows easy use of MMKV inside React Native applications. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Information Disclosure Apple Google React Native Mmkv Android +1
NVD GitHub
CVSS 3.1
4.4
EPSS
0.3%
CVE-2022-48618 HIGH KEV THREAT Act Now

The issue was addressed with improved checks. Rated high severity (CVSS 7.0). Actively exploited in the wild (cisa kev) and no vendor patch available.

Authentication Bypass Apple Ipados Iphone Os macOS +3
NVD
CVSS 3.1
7.0
EPSS
0.2%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Command Injection Web Clipper
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue in Kap for macOS version 3.6.0 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Kap
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Apple +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Apple +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple RCE Discord
NVD GitHub
EPSS 0% CVSS 3.3
LOW POC Monitor

Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Apple Node.js +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple RCE Postman
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

Tuta is an encrypted email service. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Information Disclosure Tutanota
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Google +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption Denial Of Service +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD VulDB
EPSS 0% CVSS 6.2
MEDIUM This Month

A privacy issue was addressed with improved handling of files. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +4
NVD VulDB
EPSS 1% CVSS 8.8
HIGH POC KEV THREAT Act Now

Arbitrary code execution in Apple WebKit affects Safari and the system browser engine across iOS, iPadOS, macOS, tvOS, and visionOS, where a type confusion flaw allows attackers to execute code via maliciously crafted web content. The vulnerability is confirmed actively exploited (CISA KEV) and was used in the Coruna exploit chain against older iOS devices before being backported to legacy versions. EPSS sits at 0.62% (70th percentile), consistent with targeted exploitation rather than mass scanning.

Apple RCE Memory Corruption
NVD VulDB GitHub
EPSS 0% CVSS 6.2
MEDIUM This Month

The issue was addressed with improved authentication. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados +1
NVD VulDB
EPSS 0% CVSS 5.9
MEDIUM This Month

A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Information Disclosure Ipados +4
NVD VulDB
EPSS 0% CVSS 3.3
LOW Monitor

A privacy issue was addressed with improved handling of temporary files. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was addressed with improved handling of temporary files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Memory Corruption +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow +6
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados +4
NVD VulDB
EPSS 0% CVSS 3.3
LOW Monitor

A privacy issue was addressed with improved handling of user preferences. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari +4
NVD VulDB
EPSS 0% CVSS 3.3
LOW Monitor

This issue was addressed with improved redaction of sensitive information. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS
NVD VulDB
EPSS 3% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Code Injection +5
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +3
NVD VulDB
EPSS 1% CVSS 6.5
MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari +5
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

The issue was addressed with additional permissions checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +3
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

The issue was addressed with additional permissions checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +2
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

An attacker could execute unauthorized script on a legitimate site through UXSS using window.open() by opening a javascript URI leading to unauthorized actions within the user's loaded webpage. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple XSS Firefox Focus
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Race Condition RCE +1
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 4.8). No vendor patch available.

Denial Of Service Apple Ipados +2
NVD
EPSS 0% CVSS 4.2
MEDIUM This Month

An information disclosure issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% CVSS 7.1
HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with additional permissions checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +5
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +5
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Multiple memory corruption issues were addressed with improved input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Apple +4
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Safari +6
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure +6
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure +6
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A correctness issue was addressed with improved checks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Code Injection +5
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +3
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with additional restrictions on the observability of app states. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

This issue was addressed by removing the vulnerable code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A logic issue was addressed with improved checks This issue is fixed in macOS Sonoma 14. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% 4.6 CVSS 7.8
HIGH POC KEV THREAT Act Now

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Memory Corruption RCE Use After Free +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A type confusion issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

This issue was addressed by improving Face ID anti-spoofing models. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados +2
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A type confusion issue was addressed with improved checks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple +4
NVD
EPSS 0% CVSS 2.4
LOW Monitor

This issue was addressed with improved redaction of sensitive information. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Path Traversal Ipados +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was addressed with improved handling of temporary files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A privacy issue was addressed with improved private data redaction for log entries. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

A use-after-free issue was addressed with improved memory management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +8
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved data protection. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The issue was addressed with improved validation of environment variables. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An authentication issue was addressed with improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Safari +4
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A path handling issue was addressed with improved validation. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Path Traversal +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The issue was addressed with improved checks. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +3
NVD
EPSS 0% CVSS 7.1
HIGH This Week

A memory corruption issue was addressed by removing the vulnerable code. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Apple +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved handling of caches. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% CVSS 7.1
HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

This issue was addressed by forcing hardened runtime on the affected binaries at the system level. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Code Injection +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +5
NVD
EPSS 0% CVSS 3.3
LOW Monitor

An access issue was addressed with additional sandbox restrictions. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Information Disclosure +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An integer overflow was addressed through improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apple +6
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved handling of caches. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +3
NVD
EPSS 0% CVSS 3.3
LOW Monitor

This issue was addressed with improved redaction of sensitive information. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved data protection. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

The issue was addressed with improved UI handling. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Ipados +3
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH Monitor

react-native-mmkv is a library that allows easy use of MMKV inside React Native applications. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Information Disclosure Apple Google +3
NVD GitHub
EPSS 0% CVSS 7.0
HIGH KEV THREAT Act Now

The issue was addressed with improved checks. Rated high severity (CVSS 7.0). Actively exploited in the wild (cisa kev) and no vendor patch available.

Authentication Bypass Apple Ipados +5
NVD
Prev Page 26 of 90 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy