Skip to main content

Apple

8071 CVEs vendor

Monthly

CVE-2022-32788 CRITICAL Act Now

A buffer overflow was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow Ipados Iphone Os +3
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-26696 HIGH This Week

This issue was addressed with improved environment sanitization. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-37877 HIGH This Week

A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Apple RCE Clearpass Policy Manager
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-36174 HIGH POC This Week

FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux Agent < 3.3.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Apple Freshservice Agent
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2022-36173 HIGH POC This Week

FreshService macOS Agent < 4.4.0 and FreshServce Linux Agent < 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Apple Freshservice Agent Freshservice Probe
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-35962 MEDIUM This Month

Zulip is an open source team chat and Zulip Mobile is an app for iOS and Andriod users. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Apple Zulip
NVD GitHub
CVSS 3.1
5.7
EPSS
0.9%
CVE-2022-32894 HIGH KEV THREAT This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +3
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2022-32893 HIGH KEV THREAT This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Safari +7
NVD
CVSS 3.1
8.8
EPSS
9.8%
CVE-2022-32857 MEDIUM This Month

This issue was addressed by using HTTPS when sending information over the network. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2022-32840 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Privilege Escalation Ipados Iphone Os +2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-32839 CRITICAL Act Now

The issue was addressed with improved bounds checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow Ipados Iphone Os +4
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2022-32838 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2022-32837 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Apple Buffer Overflow Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-32834 MEDIUM This Month

An access issue was addressed with improvements to the sandbox. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2022-32813 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +5
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-32812 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-32811 HIGH This Week

A memory corruption vulnerability was addressed with improved locking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-32810 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Buffer Overflow Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-32793 HIGH This Week

Multiple out-of-bounds write issues were addressed with improved bounds checking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Apple Buffer Overflow Ipados Iphone Os +4
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-38171 HIGH PATCH This Week

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Apple RCE Xpdf Poppler
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-30296 HIGH This Week

Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may allow an unauthenticated user to potentially enable information disclosure via network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Intel Datacenter Group Event
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-28757 HIGH This Week

The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.6 contains a vulnerability in the auto update process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Meetings
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-28751 HIGH This Week

The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in the package signature validation during the update process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Apple Privilege Escalation Meetings
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-34156 MEDIUM This Month

'Hulu / フールー' App for iOS versions prior to 3.0.81 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Apple Hulu
NVD
CVSS 3.1
4.8
EPSS
0.2%
CVE-2022-28756 HIGH This Week

The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.5 contains a vulnerability in the auto update process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Apple Privilege Escalation Meetings
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-28755 MEDIUM This Month

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Google Apple RCE Virtual Desktop Infrastructure +1
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-35631 MEDIUM PATCH This Month

On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Apple Velociraptor
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-36668 HIGH POC This Week

URL injection in Driva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Code Injection Insync Client
NVD VulDB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-36667 HIGH POC PATCH This Week

Command injection vulnerability in Druva inSync 6.9.0 for MacOS, allows attackers to execute arbitrary commands via crafted payload to the local HTTP server due to un-sanitized call to the python. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Command Injection Python Apple Insync Client
NVD VulDB
CVSS 3.1
7.8
EPSS
1.8%
CVE-2021-36666 HIGH POC This Week

An issue was discovered in Druva 6.9.0 for MacOS, allows attackers to gain escalated local privileges via the inSyncDecommission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Apple Insync Client
NVD VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-36665 HIGH POC This Week

An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local privileges via the inSyncUpgradeDaemon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Deserialization Insync Client
NVD VulDB
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-27904 HIGH This Week

Automox Agent for macOS before version 39 was vulnerable to a time-of-check/time-of-use (TOCTOU) race-condition attack during the agent install process. Rated high severity (CVSS 7.0). No vendor patch available.

Apple Information Disclosure Automox
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-31092 PHP HIGH POC PATCH This Week

Pimcore is an Open Source Data & Experience Management Platform. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

SQLi Apple Pimcore
NVD GitHub
CVSS 3.1
8.1
EPSS
1.3%
CVE-2022-31009 MEDIUM PATCH This Month

wire-ios is an iOS client for the Wire secure messaging application. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Apple Wire
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-31083 npm HIGH PATCH This Week

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Node.js Apple Parse Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-33140 Maven HIGH PATCH This Week

The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Command Injection Apple Nifi Nifi Registry
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2022-29482 LOW Monitor

'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Information Disclosure Mobaoku Auction Flea Market
NVD
CVSS 3.1
3.7
EPSS
0.3%
CVE-2022-28385 MEDIUM POC This Month

An issue was discovered in certain Verbatim drives through 2022-03-31. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Apple Information Disclosure Executive Fingerprint Secure Ssd Firmware Fingerprint Secure Portable Hard Drive Firmware
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2022-26776 CRITICAL Act Now

This issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2022-26775 CRITICAL Act Now

An integer overflow was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Apple Mac Os X macOS
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2022-26772 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-26771 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +3
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-26770 HIGH This Week

An out-of-bounds read issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple Information Disclosure Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-26769 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26768 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2022-26767 MEDIUM This Month

The issue was addressed with additional permissions checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-26766 MEDIUM This Month

A certificate parsing issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
5.5
EPSS
2.7%
CVE-2022-26765 MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 4.7). No vendor patch available.

Authentication Bypass Race Condition Apple Ipados Iphone Os +3
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2022-26764 MEDIUM This Month

A memory corruption issue was addressed with improved validation. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +4
NVD
CVSS 3.1
4.7
EPSS
0.8%
CVE-2022-26763 HIGH This Week

An out-of-bounds access issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple Ipados Iphone Os +4
NVD
CVSS 3.1
7.8
EPSS
3.5%
CVE-2022-26761 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-26757 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple Use After Free Denial Of Service +6
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2022-26756 HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26755 MEDIUM This Month

This issue was addressed with improved environment sanitization. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
6.3
EPSS
0.8%
CVE-2022-26754 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26753 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26752 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26751 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Microsoft Buffer Overflow Apple +5
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2022-26750 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26749 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26748 HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Mac Os X +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2022-26746 MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2022-26745 MEDIUM This Month

A memory corruption issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-26744 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-26743 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.0). No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-26742 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26741 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26740 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26739 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26738 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26737 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26736 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +3
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-26731 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2022-26728 MEDIUM This Month

This issue was addressed with improved entitlements. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2022-26727 MEDIUM This Month

This issue was addressed with improved entitlements. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-26726 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS Watchos
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2022-26725 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-26723 CRITICAL Act Now

A memory corruption issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-26722 HIGH This Week

A memory initialization issue was addressed. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-26721 HIGH This Week

A memory initialization issue was addressed. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-26720 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-26718 HIGH This Week

An out-of-bounds read issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure macOS
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-26715 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple Mac Os X macOS
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-26714 HIGH This Week

A memory corruption issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-26712 MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2022-26711 CRITICAL Act Now

An integer overflow issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Apple Itunes +5
NVD
CVSS 3.1
9.8
EPSS
3.5%
CVE-2022-26708 CRITICAL Act Now

This issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2022-26706 MEDIUM This Month

An access issue was addressed with additional sandbox restrictions on third-party applications. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
7.5%
CVE-2022-26704 HIGH This Week

A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-26703 LOW Monitor

An authorization issue was addressed with improved state management. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
2.4
EPSS
0.3%
EPSS 2% CVSS 9.8
CRITICAL Act Now

A buffer overflow was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow +5
NVD
EPSS 0% CVSS 8.8
HIGH This Week

This issue was addressed with improved environment sanitization. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Apple RCE +1
NVD
EPSS 0% CVSS 8.1
HIGH POC This Week

FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux Agent < 3.3.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Apple +1
NVD
EPSS 1% CVSS 8.1
HIGH POC This Week

FreshService macOS Agent < 4.4.0 and FreshServce Linux Agent < 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Apple Freshservice Agent +1
NVD
EPSS 1% CVSS 5.7
MEDIUM This Month

Zulip is an open source team chat and Zulip Mobile is an app for iOS and Andriod users. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Apple Zulip
NVD GitHub
EPSS 3% CVSS 7.8
HIGH KEV THREAT This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple +5
NVD
EPSS 10% CVSS 8.8
HIGH KEV THREAT This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple +9
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

This issue was addressed by using HTTPS when sending information over the network. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Privilege Escalation +4
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

The issue was addressed with improved bounds checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow +6
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Apple Buffer Overflow +5
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

An access issue was addressed with improvements to the sandbox. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Apple +7
NVD
EPSS 1% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A memory corruption vulnerability was addressed with improved locking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Buffer Overflow +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple +5
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Multiple out-of-bounds write issues were addressed with improved bounds checking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Apple Buffer Overflow +6
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Apple RCE +2
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may allow an unauthenticated user to potentially enable information disclosure via network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Intel +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.6 contains a vulnerability in the auto update process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Meetings
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in the package signature validation during the update process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Apple Privilege Escalation +1
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

'Hulu / フールー' App for iOS versions prior to 3.0.81 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Apple Hulu
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.5 contains a vulnerability in the auto update process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Apple Privilege Escalation +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Google Apple +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Apple Velociraptor
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

URL injection in Driva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Code Injection Insync Client
NVD VulDB
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

Command injection vulnerability in Druva inSync 6.9.0 for MacOS, allows attackers to execute arbitrary commands via crafted payload to the local HTTP server due to un-sanitized call to the python. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Command Injection Python Apple +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH POC This Week

An issue was discovered in Druva 6.9.0 for MacOS, allows attackers to gain escalated local privileges via the inSyncDecommission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Apple Insync Client
NVD VulDB
EPSS 0% CVSS 7.8
HIGH POC This Week

An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local privileges via the inSyncUpgradeDaemon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Deserialization Insync Client
NVD VulDB
EPSS 0% CVSS 7.0
HIGH This Week

Automox Agent for macOS before version 39 was vulnerable to a time-of-check/time-of-use (TOCTOU) race-condition attack during the agent install process. Rated high severity (CVSS 7.0). No vendor patch available.

Apple Information Disclosure Automox
NVD
EPSS 1% CVSS 8.1
HIGH POC PATCH This Week

Pimcore is an Open Source Data & Experience Management Platform. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

SQLi Apple Pimcore
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

wire-ios is an iOS client for the Wire secure messaging application. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Apple Wire
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Node.js Apple +1
NVD GitHub
EPSS 4% CVSS 8.8
HIGH PATCH This Week

The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Command Injection Apple +2
NVD
EPSS 0% CVSS 3.7
LOW Monitor

'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Information Disclosure Mobaoku Auction Flea Market
NVD
EPSS 0% CVSS 4.6
MEDIUM POC This Month

An issue was discovered in certain Verbatim drives through 2022-03-31. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Apple Information Disclosure +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

This issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

An integer overflow was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Apple +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds read issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +6
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

The issue was addressed with additional permissions checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
EPSS 3% CVSS 5.5
MEDIUM This Month

A certificate parsing issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados +5
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 4.7). No vendor patch available.

Authentication Bypass Race Condition Apple +5
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

A memory corruption issue was addressed with improved validation. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Memory Corruption RCE Buffer Overflow +6
NVD
EPSS 4% CVSS 7.8
HIGH This Week

An out-of-bounds access issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple +6
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +3
NVD
EPSS 3% CVSS 7.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Apple +8
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +3
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

This issue was addressed with improved environment sanitization. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple +1
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Microsoft +7
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +3
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X +1
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

A memory corruption issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.0). No vendor patch available.

Memory Corruption RCE Buffer Overflow +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +5
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +2
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved entitlements. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved entitlements. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A memory corruption issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory initialization issue was addressed. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory initialization issue was addressed. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds read issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +6
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

An integer overflow issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft +7
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

This issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS
NVD
EPSS 7% CVSS 5.5
MEDIUM This Month

An access issue was addressed with additional sandbox restrictions on third-party applications. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X +1
NVD GitHub
EPSS 0% CVSS 2.4
LOW Monitor

An authorization issue was addressed with improved state management. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados +1
NVD
Prev Page 36 of 90 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy