Total
3596 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3753 | 1 Apple | 2 Iphone, Iphone Os | 2022-08-09 | 7.5 HIGH | N/A |
| Apple iPhone 1.1.1, with Bluetooth enabled, allows physically proximate attackers to cause a denial of service (application termination) and execute arbitrary code via crafted Service Discovery Protocol (SDP) packets, related to insufficient input validation. | |||||
| CVE-2007-2401 | 1 Apple | 3 Iphone Os, Mac Os X, Mac Os X Server | 2022-08-09 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1, allows remote attackers to inject arbitrary HTTP headers via LF characters in an XMLHttpRequest request, which are not filtered when serializing headers via the setRequestHeader function. NOTE: this issue can be leveraged for cross-site scripting (XSS) attacks. | |||||
| CVE-2007-2400 | 2 Apple, Microsoft | 5 Iphone Os, Mac Os X, Safari and 2 more | 2022-08-09 | 4.3 MEDIUM | N/A |
| Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects. | |||||
| CVE-2007-2399 | 1 Apple | 3 Iphone Os, Mac Os X, Mac Os X Server | 2022-08-09 | 9.3 HIGH | N/A |
| WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption. | |||||
| CVE-2020-9951 | 3 Apple, Debian, Webkit | 9 Icloud, Ipados, Iphone Os and 6 more | 2022-07-23 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-30776 | 1 Apple | 5 Iphone Os, Mac Os X, Macos and 2 more | 2022-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination. | |||||
| CVE-2021-34424 | 5 Apple, Google, Linux and 2 more | 30 Iphone Os, Macos, Android and 27 more | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability was discovered in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS, and Windows) before version 5.8.3, Zoom VDI Windows Meeting Client before version 5.8.4, Zoom VDI Azure Virtual Desktop Plugins (for Windows x86 or x64, IGEL x64, Ubuntu x64, HP ThinPro OS x64) before version 5.8.4.21112, Zoom VDI Citrix Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom VDI VMware Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom Meeting SDK for Android before version 5.7.6.1922, Zoom Meeting SDK for iOS before version 5.7.6.1082, Zoom Meeting SDK for macOS before version 5.7.6.1340, Zoom Meeting SDK for Windows before version 5.7.6.1081, Zoom Video SDK (for Android, iOS, macOS, and Windows) before version 1.1.2, Zoom on-premise Meeting Connector before version 4.8.12.20211115, Zoom on-premise Meeting Connector MMR before version 4.8.12.20211115, Zoom on-premise Recording Connector before version 5.1.0.65.20211116, Zoom on-premise Virtual Room Connector before version 4.4.7266.20211117, Zoom on-premise Virtual Room Connector Load Balancer before version 2.5.5692.20211117, Zoom Hybrid Zproxy before version 1.0.1058.20211116, and Zoom Hybrid MMR before version 4.6.20211116.131_x86-64 which potentially allowed for the exposure of the state of process memory. This issue could be used to potentially gain insight into arbitrary areas of the product's memory. | |||||
| CVE-2021-30816 | 1 Apple | 2 Ipados, Iphone Os | 2022-07-12 | 2.1 LOW | 2.4 LOW |
| The issue was addressed with improved permissions logic. This issue is fixed in iOS 15 and iPadOS 15. An attacker with physical access to a device may be able to see private contact information. | |||||
| CVE-2020-3890 | 1 Apple | 2 Ipad Os, Iphone Os | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4. Deleted messages groups may still be suggested as an autocompletion. | |||||
| CVE-2021-30798 | 1 Apple | 3 Iphone Os, Macos, Watchos | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences. | |||||
| CVE-2021-1822 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A local user may be able to modify protected parts of the file system. | |||||
| CVE-2021-1807 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2022-07-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4. A local user may be able to write arbitrary files. | |||||
| CVE-2021-1820 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-07-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. | |||||
| CVE-2021-30709 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2022-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents. | |||||
| CVE-2021-30815 | 1 Apple | 2 Ipados, Iphone Os | 2022-07-12 | 2.1 LOW | 2.4 LOW |
| A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. A local attacker may be able to view contacts from the lock screen. | |||||
| CVE-2020-3917 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks. | |||||
| CVE-2021-30656 | 1 Apple | 2 Ipados, Iphone Os | 2022-07-12 | 7.1 HIGH | 5.5 MEDIUM |
| An access issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to determine kernel memory layout. | |||||
| CVE-2014-1359 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2022-06-30 | 10.0 HIGH | N/A |
| Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application. | |||||
| CVE-2020-29614 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2022-06-28 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted file may lead to heap corruption. | |||||
| CVE-2020-29624 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-06-28 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary code execution. | |||||