Filtered by vendor Apple
Subscribe
Total
11236 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32833 | 1 Apple | 3 Iphone Os, Macos, Safari | 2023-08-08 | N/A | 5.3 MEDIUM |
| An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history. | |||||
| CVE-2022-22616 | 1 Apple | 2 Mac Os X, Macos | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks. | |||||
| CVE-2022-22779 | 3 Apple, Keybase, Microsoft | 3 Macos, Keybase, Windows | 2023-08-08 | 4.3 MEDIUM | 3.7 LOW |
| The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user’s filesystem. | |||||
| CVE-2022-26703 | 1 Apple | 2 Ipados, Iphone Os | 2023-08-08 | 2.1 LOW | 2.4 LOW |
| An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A person with physical access to an iOS device may be able to access photos from the lock screen. | |||||
| CVE-2022-42788 | 1 Apple | 1 Macos | 2023-08-08 | N/A | 5.5 MEDIUM |
| A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in macOS Ventura 13. A malicious application may be able to read sensitive location information. | |||||
| CVE-2022-0799 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2023-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file. | |||||
| CVE-2022-22583 | 1 Apple | 2 Mac Os X, Macos | 2023-08-08 | 2.1 LOW | 5.5 MEDIUM |
| A permissions issue was addressed with improved validation. This issue is fixed in Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access restricted files. | |||||
| CVE-2022-28871 | 3 Apple, F-secure, Microsoft | 4 Mac Os X, Macos, Atlant and 1 more | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much memory eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker. | |||||
| CVE-2022-32883 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2023-08-08 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to read sensitive location information. | |||||
| CVE-2022-1030 | 3 Apple, Linux, Okta | 3 Macos, Linux Kernel, Advanced Server Access | 2023-08-08 | 9.3 HIGH | 8.8 HIGH |
| Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute commands on the local system. | |||||
| CVE-2022-22579 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2023-08-08 | 9.3 HIGH | 7.8 HIGH |
| An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution. | |||||
| CVE-2022-22663 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 15.4 and iPadOS 15.4, Security Update 2022-004 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.6. A malicious application may bypass Gatekeeper checks. | |||||
| CVE-2022-26707 | 1 Apple | 1 Macos | 2023-08-08 | N/A | 5.5 MEDIUM |
| An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in macOS Monterey 12.4. A user may be able to view sensitive user information. | |||||
| CVE-2022-1874 | 2 Apple, Google | 2 Macos, Chrome | 2023-08-08 | N/A | 8.8 HIGH |
| Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page. | |||||
| CVE-2022-22676 | 1 Apple | 1 Macos | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission. | |||||
| CVE-2022-32945 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-08-08 | N/A | 4.3 MEDIUM |
| An access issue was addressed with additional sandbox restrictions on third-party apps. This issue is fixed in macOS Ventura 13. An app may be able to record audio with paired AirPods. | |||||
| CVE-2022-22612 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2023-08-08 | 6.8 MEDIUM | 7.8 HIGH |
| A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to heap corruption. | |||||
| CVE-2022-46701 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2023-08-08 | N/A | 7.8 HIGH |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges. | |||||
| CVE-2022-22598 | 1 Apple | 2 Ipados, Iphone Os | 2023-08-08 | 2.1 LOW | 3.3 LOW |
| An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access. | |||||
| CVE-2022-22660 | 1 Apple | 1 Macos | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An app may be able to spoof system notifications and UI. | |||||