Skip to main content

Apple

8072 CVEs vendor

Monthly

CVE-2023-40424 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-40422 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-40420 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2023-40419 HIGH This Week

The issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Tvos +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-40418 MEDIUM This Month

An authentication issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Watchos
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-40417 MEDIUM This Month

A window management issue was addressed with improved state management. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Safari Ipados Iphone Os +2
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2023-40412 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-40410 MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Apple Ipados Iphone Os +3
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-40409 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-40407 HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-40406 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-40403 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-40402 MEDIUM This Month

A permissions issue was addressed with additional restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-40400 CRITICAL Act Now

This issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2023-40399 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-40395 LOW Monitor

The issue was addressed with improved handling of caches. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2023-40391 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Xcode Ipados Iphone Os +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-40388 MEDIUM This Month

A privacy issue was addressed with improved handling of temporary files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-40386 LOW Monitor

A privacy issue was addressed with improved handling of temporary files. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2023-40384 LOW Monitor

A permissions issue was addressed with improved redaction of sensitive information. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +1
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2023-39434 HIGH This Week

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Apple RCE Memory Corruption Ipados +3
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-39233 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-38615 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38596 MEDIUM This Month

The issue was addressed with improved handling of protocols. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-38586 CRITICAL Act Now

An access issue was addressed with additional sandbox restrictions. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
10.0
EPSS
1.0%
CVE-2023-37448 LOW Monitor

A lock screen issue was addressed with improved state management. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2023-35990 LOW Monitor

The issue was addressed with improved checks. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os macOS +1
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2023-35984 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple Ipados Iphone Os +3
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2023-35074 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Safari Ipados Iphone Os +4
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-32421 MEDIUM This Month

A privacy issue was addressed with improved handling of temporary files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-32396 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Xcode Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-32377 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-32361 MEDIUM This Month

The issue was addressed with improved handling of caches. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-29497 LOW Monitor

A privacy issue was addressed with improved handling of temporary files. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2023-23495 MEDIUM This Month

A permissions issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-41993 HIGH KEV THREAT This Week

The issue was addressed with improved checks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +11
NVD
CVSS 3.1
8.8
EPSS
29.2%
CVE-2023-41992 HIGH KEV THREAT This Week

The issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2023-41991 MEDIUM KEV THREAT This Month

A certificate validation issue was addressed. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os macOS
NVD
CVSS 3.1
5.5
EPSS
4.5%
CVE-2023-41387 CRITICAL POC Act Now

A SQL injection in the flutter_downloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple SQLi Flutter Downloader
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2023-20236 HIGH This Week

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Jwt Attack Information Disclosure Ios Xr
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-20233 MEDIUM This Month

A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Null Pointer Dereference Apple Ios Xr
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-20191 HIGH This Week

A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Apple Authentication Bypass Ios Xr
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-20190 MEDIUM POC This Month

A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Cisco Apple Ios Xr
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-20135 HIGH This Week

A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. Rated high severity (CVSS 7.0). No vendor patch available.

RCE Cisco Apple Jwt Attack Ios Xr
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2023-4801 HIGH This Week

An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Microsoft Insider Threat Management
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-4759 Maven HIGH PATCH This Week

Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Apple Microsoft Jgit
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2023-41990 HIGH KEV THREAT This Week

The issue was addressed with improved handling of caches. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2023-40442 LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2023-40440 HIGH This Week

This issue was addressed with improved state management of S/MIME encrypted emails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-4582 HIGH This Week

Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Apple Firefox Firefox Esr +1
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-41775 MEDIUM This Month

Improper access control vulnerability in 'direct' Desktop App for macOS ver 2.6.0 and earlier allows a local attacker to bypass access restriction and to use camrea, microphone, etc. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Direct
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-4528 HIGH This Week

Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Microsoft Apple Deserialization Jscape Mft
NVD
CVSS 3.1
7.2
EPSS
27.1%
CVE-2023-41064 HIGH KEV THREAT This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Ipados Iphone Os +1
NVD
CVSS 3.1
7.8
EPSS
15.3%
CVE-2023-41061 HIGH KEV THREAT This Week

A validation issue was addressed with improved logic. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os Watchos
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2023-40397 CRITICAL Act Now

The issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS Webkitgtk Wpe Webkit
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-40392 LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2023-38616 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple macOS
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2023-38605 LOW Monitor

This issue was addressed with improved redaction of sensitive information. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2023-34352 MEDIUM This Month

A permissions issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-32438 MEDIUM This Month

This issue was addressed with improved checks to prevent unauthorized actions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os macOS +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-32432 MEDIUM This Month

A privacy issue was addressed with improved handling of temporary files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-32428 HIGH This Week

This issue was addressed with improved file handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-32426 HIGH This Week

A logic issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-32425 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Watchos
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-32379 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-32370 MEDIUM This Month

A logic issue was addressed with improved validation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS Webkitgtk Wpe Webkit
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-32362 MEDIUM This Month

Error handling was changed to not reveal sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-32356 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28215 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28214 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28213 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28212 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28211 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28210 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28209 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28208 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-28195 LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2023-28188 MEDIUM This Month

A denial-of-service issue was addressed with improved input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple macOS
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-28187 MEDIUM This Month

This issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-27950 MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-4688 MEDIUM This Month

Sensitive information leak through log files. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Microsoft Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-41750 MEDIUM This Month

Sensitive information disclosure due to missing authorization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Information Disclosure Authentication Bypass Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-41745 MEDIUM This Month

Sensitive information disclosure due to excessive collection of system information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Microsoft Agent Cyber Protect
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-41744 HIGH PATCH This Week

Local privilege escalation due to unrestricted loading of unsigned libraries. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Apple Jwt Attack Agent Cyber Protect
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-41742 HIGH This Week

Excessive attack surface due to binding to an unrestricted IP address. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Microsoft Agent Cyber Protect
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-40530 MEDIUM This Month

Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Google Authentication Bypass Skylark
NVD
CVSS 3.1
4.7
EPSS
0.5%
CVE-2023-1409 HIGH PATCH This Week

If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely in other platforms (e.g. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Apple Microsoft MongoDB
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-2318 CRITICAL POC Act Now

DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple XSS Microsoft Marktext
NVD GitHub
CVSS 3.1
9.6
EPSS
0.5%
CVE-2023-2110 HIGH POC This Week

Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Apple Microsoft Obsidian
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2023-4359 MEDIUM This Month

Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Google Chrome Debian Linux +1
NVD
CVSS 3.1
5.3
EPSS
0.7%
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An authentication issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Watchos
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A window management issue was addressed with improved state management. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Safari +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Apple +5
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados +4
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The issue was addressed with improved bounds checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A permissions issue was addressed with additional restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

This issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +4
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The issue was addressed with improved handling of caches. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Xcode +4
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A privacy issue was addressed with improved handling of temporary files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A privacy issue was addressed with improved handling of temporary files. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A permissions issue was addressed with improved redaction of sensitive information. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +3
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Apple RCE +5
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved handling of protocols. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +4
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

An access issue was addressed with additional sandbox restrictions. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A lock screen issue was addressed with improved state management. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The issue was addressed with improved checks. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados +3
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple +5
NVD
EPSS 1% CVSS 8.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Safari +6
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A privacy issue was addressed with improved handling of temporary files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Xcode +5
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved handling of caches. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +4
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A privacy issue was addressed with improved handling of temporary files. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A permissions issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 29% CVSS 8.8
HIGH KEV THREAT This Week

The issue was addressed with improved checks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados +13
NVD
EPSS 3% CVSS 7.8
HIGH KEV THREAT This Week

The issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +2
NVD
EPSS 5% CVSS 5.5
MEDIUM KEV THREAT This Month

A certificate validation issue was addressed. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados +2
NVD
EPSS 1% CVSS 9.1
CRITICAL POC Act Now

A SQL injection in the flutter_downloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple SQLi Flutter Downloader
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Jwt Attack +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Null Pointer Dereference +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Apple Authentication Bypass +1
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Cisco Apple +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. Rated high severity (CVSS 7.0). No vendor patch available.

RCE Cisco Apple +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Apple Microsoft +1
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Apple Microsoft +1
NVD
EPSS 1% CVSS 7.8
HIGH KEV THREAT This Week

The issue was addressed with improved handling of caches. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados +4
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

This issue was addressed with improved state management of S/MIME encrypted emails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Apple +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper access control vulnerability in 'direct' Desktop App for macOS ver 2.6.0 and earlier allows a local attacker to bypass access restriction and to use camrea, microphone, etc. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Direct
NVD
EPSS 27% CVSS 7.2
HIGH This Week

Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Microsoft Apple +2
NVD
EPSS 15% CVSS 7.8
HIGH KEV THREAT This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple +3
NVD
EPSS 3% CVSS 7.8
HIGH KEV THREAT This Week

A validation issue was addressed with improved logic. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

This issue was addressed with improved redaction of sensitive information. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A permissions issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Apple Ipados +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved checks to prevent unauthorized actions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A privacy issue was addressed with improved handling of temporary files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

This issue was addressed with improved file handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A logic issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A logic issue was addressed with improved validation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Error handling was changed to not reveal sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple macOS
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A denial-of-service issue was addressed with improved input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple macOS
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

This issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Apple +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Sensitive information leak through log files. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Microsoft +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Sensitive information disclosure due to missing authorization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Information Disclosure +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Sensitive information disclosure due to excessive collection of system information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Microsoft +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation due to unrestricted loading of unsigned libraries. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Apple Jwt Attack +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Excessive attack surface due to binding to an unrestricted IP address. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Microsoft +2
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Google Authentication Bypass +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely in other platforms (e.g. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Apple Microsoft +1
NVD
EPSS 0% CVSS 9.6
CRITICAL POC Act Now

DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple XSS Microsoft +1
NVD GitHub
EPSS 0% CVSS 7.1
HIGH POC This Week

Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Apple Microsoft +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Google +3
NVD
Prev Page 29 of 90 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy