Apple Security Vulnerabilities (CVEs)

A memory corruption vulnerability in Apple operating systems allows attackers with memory write capability to execute arbitrary code. This affects wat...

This CVE describes an authorization vulnerability in iOS and iPadOS that allows malicious apps to bypass access controls and read sensitive user data....

This macOS vulnerability allows applications to access sensitive contact information that should be redacted in system logs. It affects macOS users ru...

A logic flaw in iOS/iPadOS note management could allow attackers to access users' deleted notes. This affects users running vulnerable versions of iOS...

This CVE describes a macOS/iOS/iPadOS vulnerability where sandboxed applications can bypass security restrictions to access sensitive user data. The i...

This CVE describes an authorization vulnerability in macOS where an app could bypass intended restrictions and access sensitive user data. The issue a...

A path validation vulnerability in macOS allows malicious applications to bypass directory restrictions and access sensitive user data. This affects m...

A logic flaw in Apple's mail preview functionality allows remote content to load despite the 'Load remote content in messages' setting being disabled....

This CVE describes a privacy vulnerability in iOS/iPadOS where an attacker with physical access to a locked device could view sensitive user informati...

This CVE describes a sandbox escape vulnerability in Apple operating systems where a malicious app could bypass security restrictions designed to isol...

This vulnerability allows malicious websites to track users through Safari web extensions due to improper state management. It affects users of Apple'...

A logic vulnerability in Apple operating systems allows attackers in privileged network positions to intercept network traffic. This affects multiple ...

This CVE describes an image processing vulnerability in Apple operating systems where improper bounds checks could allow maliciously crafted images to...

This vulnerability allows malicious apps to enumerate a user's installed applications on iOS and iPadOS devices. It affects users running vulnerable v...

This CVE describes a memory handling vulnerability in Apple operating systems and Safari that could allow a remote attacker to cause denial-of-service...

A path validation vulnerability in Apple operating systems allows applications to access sensitive user data through improper directory path parsing. ...

This CVE describes a path handling vulnerability (CWE-22) in multiple Apple operating systems and Safari that allows a remote attacker to write arbitr...

This macOS vulnerability allows an attacker with physical access to a locked device to bypass authorization controls and view sensitive user informati...

This memory handling vulnerability in Apple operating systems allows an app to cause unexpected system termination (kernel panic/crash). All users run...

An authorization vulnerability in iOS and iPadOS allows attackers with physical access to a locked device to view sensitive user information. This aff...

A logic vulnerability in Apple's iOS, iPadOS, Safari, and macOS allows malicious applications to access a user's Safari browsing history without prope...

An authorization vulnerability in iOS and iPadOS allows attackers with physical access to a locked device to view sensitive user information. This aff...

A package validation vulnerability in macOS allows malicious applications to gain root privileges. This affects macOS systems running versions before ...

This memory handling vulnerability in Apple's WebKit browser engine allows processing malicious web content to cause unexpected process crashes. It af...

This CVE describes a user interface inconsistency vulnerability in Apple iOS and iPadOS that allows an attacker with physical access to a locked devic...

This macOS vulnerability allows applications to access sensitive user data due to insufficient data protection. It affects macOS Tahoe versions before...

This macOS vulnerability allows malicious applications to access notifications from other iCloud devices, potentially exposing sensitive information. ...

This CVE describes a Bluetooth denial-of-service vulnerability affecting multiple Apple operating systems. An attacker in a privileged network positio...

This CVE describes a logging vulnerability where sensitive user information was not properly redacted in system logs. Attackers with access to log fil...

A macOS logging vulnerability allows malicious applications to access sensitive location information that should have been redacted. This affects macO...

An attacker with physical access to an iPhone can take and view screenshots of sensitive data during iPhone Mirroring with a Mac. This vulnerability a...

This CVE describes a privacy vulnerability in Apple operating systems where an app could potentially identify what other apps a user has installed, ex...

An input validation vulnerability in iOS/iPadOS allows someone with physical access to a locked device to view photos from the lock screen. This affec...

This vulnerability allows a malicious application to gain root privileges on affected Apple devices. It affects macOS, iOS, iPadOS, and visionOS syste...

A permissions vulnerability in macOS allows applications to bypass intended restrictions and access protected user data. This affects macOS systems ru...

This CVE describes a memory handling vulnerability in Apple's WebKit browser engine that affects multiple Apple operating systems and Safari. Processi...

This vulnerability allows identifying information to leak to Live Caller ID app extensions even when those extensions are disabled. It affects iOS and...

This CVE describes an environment variable handling vulnerability in Apple operating systems that could allow malicious apps to access sensitive user ...

This memory handling vulnerability in Apple's image processing components allows disclosure of process memory when processing malicious images. It aff...

This memory handling vulnerability in Apple's WebKit browser engine allows processing malicious web content to cause unexpected process crashes. It af...

This macOS vulnerability allows applications to access sensitive user data through improper handling of temporary files. It affects macOS systems befo...

This CVE describes a sandbox escape vulnerability in multiple Apple operating systems where an app can bypass its security restrictions. It affects us...

A path validation vulnerability in macOS and visionOS allows applications to bypass directory restrictions and access sensitive user data. This affect...

This macOS vulnerability allows applications to access sensitive user data due to insufficient data redaction in logging. It affects macOS Sequoia bef...

A permissions vulnerability in macOS allowed applications to access protected user data they shouldn't have been able to access. This affects macOS sy...

This CVE describes an injection vulnerability in macOS that allows malicious applications to access sensitive user data. The issue affects macOS Sequo...

An out-of-bounds write vulnerability in USD file processing allows attackers to cause unexpected app termination or potentially execute arbitrary code...

This CVE describes an out-of-bounds read vulnerability in macOS kernel memory that could allow an attacker to cause system crashes or read sensitive k...

This macOS vulnerability allows applications to access sensitive user data through improper handling of temporary files. It affects macOS systems befo...