Export limit exceeded: 13383 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13383 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-54522 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-02-06 | 7.8 High |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. | ||||
| CVE-2023-28143 | 2 Apple, Qualys | 2 Mac Os X, Cloud Agent | 2025-02-05 | 6.7 Medium |
| Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7) installer allows a local escalation of privilege bounded only to the time of installation and only on older macOSX (macOS 10.15 and older) versions. Attackers may exploit incorrect file permissions to give them ROOT command execution privileges on the host. During the install of the PKG, a step in the process involves extracting the package and copying files to several directories. Attackers may gain writable access to files during the install of PKG when extraction of the package and copying files to several directories, enabling a local escalation of privilege. | ||||
| CVE-2024-54488 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-02-05 | 5.3 Medium |
| A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Photos in the Hidden Photos Album may be viewed without authentication. | ||||
| CVE-2024-54549 | 1 Apple | 1 Macos | 2025-02-04 | 5.5 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data. | ||||
| CVE-2024-54512 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2025-02-04 | 9.1 Critical |
| The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS 18.2 and iPadOS 18.2. A system binary could be used to fingerprint a user's Apple Account. | ||||
| CVE-2023-20872 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2025-02-04 | 8.8 High |
| VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation. | ||||
| CVE-2023-20871 | 2 Apple, Vmware | 2 Mac Os X, Fusion | 2025-02-04 | 7.8 High |
| VMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read/write access to the host operating system can elevate privileges to gain root access to the host operating system. | ||||
| CVE-2023-2257 | 3 Apple, Devolutions, Microsoft | 3 Macos, Workspace, Windows | 2025-02-04 | 6.1 Medium |
| Authentication Bypass in Hub Business integration in Devolutions Workspace Desktop 2023.1.1.3 and earlier on Windows and macOS allows an attacker with access to the user interface to unlock a Hub Business space without being prompted to enter the password via an unimplemented "Force Login" security feature. This vulnerability occurs only if "Force Login" feature is enabled on the Hub Business instance and that an attacker has access to a locked Workspace desktop application configured with a Hub Business space. | ||||
| CVE-2024-54557 | 1 Apple | 1 Macos | 2025-01-31 | 7.5 High |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An attacker may gain access to protected parts of the file system. | ||||
| CVE-2024-54536 | 1 Apple | 1 Macos | 2025-01-31 | 5.5 Medium |
| The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.2. An app may be able to edit NVRAM variables. | ||||
| CVE-2024-54516 | 1 Apple | 1 Macos | 2025-01-31 | 3.3 Low |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to approve a launch daemon without user consent. | ||||
| CVE-2024-55503 | 2 Apple, Termius | 2 Macos, Termius | 2025-01-31 | 3.3 Low |
| An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a crafted script to the DYLD_INSERT_LIBRARIES component. | ||||
| CVE-2024-54517 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-01-31 | 7.8 High |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. | ||||
| CVE-2022-45456 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2025-01-30 | 7.5 High |
| Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 30161. | ||||
| CVE-2022-48481 | 2 Apple, Jetbrains | 2 Macos, Toolbox | 2025-01-30 | 5.2 Medium |
| In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible | ||||
| CVE-2023-0834 | 2 Apple, Hypr | 2 Macos, Workforce Access | 2025-01-30 | 7 High |
| Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on MacOS allows Privilege Escalation.This issue affects Workforce Access: from 6.12 before 8.1. | ||||
| CVE-2023-22372 | 3 Apple, F5, Microsoft | 3 Macos, Big-ip Access Policy Manager, Windows | 2025-01-29 | 5.9 Medium |
| In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-24461 | 3 Apple, F5, Microsoft | 3 Macos, Big-ip Access Policy Manager, Windows | 2025-01-29 | 7.4 High |
| An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-27933 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-01-29 | 6.7 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app with root privileges may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-27932 | 3 Apple, Debian, Redhat | 9 Ipados, Iphone Os, Macos and 6 more | 2025-01-29 | 5.5 Medium |
| This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy. | ||||