PRIOn Logo

Search KB


Search our pre-analyzed vulnerability database

Total Results: 7130

of 357

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5

This issue was addressed with improved checks This issue is fixed in iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. A remote attacker may be able to cause a denial-of-service.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v38.8

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution.

Published:   Updated:

Vulnerability Type: Path traversal

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v38.6

A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to break out of its sandbox.

Published:   Updated:

Vulnerability Type: Information disclosure

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to access user-sensitive data.

Published:   Updated:

Vulnerability Type: Authentication flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A process may gain admin privileges without proper authentication.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. An app may be able to modify protected parts of the file system.

Published:   Updated:

Vulnerability Type: Information disclosure

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v38.8

This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to modify protected parts of the file system.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to access protected user data.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A local attacker may be able to elevate their privileges.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sonoma 14.2. An app may be able to access user-sensitive data.

Published:   Updated:

Vulnerability Type: Code injection

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.9

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.

Published:   Updated:

Vulnerability Type: Race condition

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v34.7

A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to access protected user data.

Published:   Updated:

Vulnerability Type: Sql injection

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.

Published:   Updated:

Vulnerability Type: Authentication flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v34.3

This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. A user may gain access to protected parts of the file system.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, tvOS 17.4. An app may be able to execute arbitrary code with kernel privileges.

Published:   Updated:

Vulnerability Type: Sql injection

Vendor(s):  Apple
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.

of 357