Filtered by vendor Apple
Subscribe
Total
12909 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-31262 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-05-28 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to modify protected parts of the file system. | |||||
| CVE-2022-32843 | 1 Apple | 2 Mac Os X, Macos | 2025-05-27 | N/A | 7.1 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory. | |||||
| CVE-2022-32832 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2025-05-27 | N/A | 6.7 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-32807 | 1 Apple | 2 Mac Os X, Macos | 2025-05-27 | N/A | 7.1 HIGH |
| This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to overwrite arbitrary files. | |||||
| CVE-2022-37877 | 2 Apple, Arubanetworks | 2 Macos, Clearpass Policy Manager | 2025-05-27 | N/A | 7.8 HIGH |
| A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2022-32882 | 1 Apple | 1 Macos | 2025-05-27 | N/A | 9.8 CRITICAL |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to bypass Privacy preferences. | |||||
| CVE-2022-32861 | 1 Apple | 2 Macos, Safari | 2025-05-27 | N/A | 5.3 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS Monterey 12.5. A user may be tracked through their IP address. | |||||
| CVE-2022-32849 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2025-05-27 | N/A | 5.5 MEDIUM |
| An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information. | |||||
| CVE-2022-32814 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-27 | N/A | 7.8 HIGH |
| A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-29181 | 2 Apple, Nokogiri | 2 Macos, Nokogiri | 2025-05-27 | 6.4 MEDIUM | 8.2 HIGH |
| Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent. | |||||
| CVE-2021-3187 | 2 Apple, Beyondtrust | 2 Mac Os X, Privilege Management For Mac | 2025-05-27 | N/A | 8.8 HIGH |
| An issue was discovered in BeyondTrust Privilege Management for Mac before 5.7. An authenticated, unprivileged user can elevate privileges by running a malicious script (that executes as root from a temporary directory) during install time. (This applies to macOS before 10.15.5, or Security Update 2020-003 on Mojave and High Sierra, Later versions of macOS are not vulnerable.) | |||||
| CVE-2025-30436 | 1 Apple | 2 Ipados, Iphone Os | 2025-05-27 | N/A | 9.1 CRITICAL |
| This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker may be able to use Siri to enable Auto-Answer Calls. | |||||
| CVE-2025-31195 | 1 Apple | 1 Macos | 2025-05-27 | N/A | 6.3 MEDIUM |
| The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandbox. | |||||
| CVE-2022-32852 | 1 Apple | 1 Macos | 2025-05-22 | N/A | 7.1 HIGH |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. | |||||
| CVE-2022-32817 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-22 | N/A | 5.5 MEDIUM |
| An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory. | |||||
| CVE-2022-32816 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-22 | N/A | 6.5 MEDIUM |
| The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing. | |||||
| CVE-2022-32815 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2025-05-22 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-32797 | 1 Apple | 2 Mac Os X, Macos | 2025-05-22 | N/A | 7.1 HIGH |
| This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. | |||||
| CVE-2022-32796 | 1 Apple | 1 Macos | 2025-05-22 | N/A | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-32792 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-22 | N/A | 8.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||