Apple Security Vulnerabilities (CVEs)

This vulnerability in Xcode allows malicious applications to access private information they shouldn't have permission to view. It affects developers ...

This vulnerability allows an attacker with physical access to a locked Apple device to use Siri to access sensitive user data. It affects macOS, iOS, ...

This CVE describes a logging vulnerability in Apple operating systems where insufficient data redaction allowed apps to access sensitive user informat...

This CVE describes a buffer overflow vulnerability in Apple's web content processing components. Attackers can cause unexpected process crashes by tri...

A logic error in image parsing across multiple Apple operating systems could lead to disclosure of user information when processing malicious images. ...

A script imports isolation vulnerability in Apple WebKit allows malicious websites to bypass security boundaries and access sensitive data from other ...

This CVE describes a memory disclosure vulnerability in Apple's web content processing across multiple operating systems. An attacker can craft malici...

This CVE describes a macOS sandbox escape vulnerability where malicious applications can bypass sandbox restrictions to access sensitive user data. It...

This vulnerability allows applications to bypass privacy preferences on affected Apple operating systems. It affects users running visionOS, iOS, and ...

A permissions vulnerability in Apple operating systems allows applications to read arbitrary file metadata without proper authorization. This affects ...

This CVE describes a buffer overflow vulnerability in macOS kernel memory handling that could allow a malicious application to cause system crashes or...

This vulnerability allows a malicious application to gain root privileges on affected macOS systems. It affects macOS Sonoma versions before 14.6. The...

This memory handling vulnerability in Apple's web content processing allows attackers to cause denial-of-service conditions. It affects users of Apple...

This vulnerability allows files received via AirDrop to bypass macOS/iOS quarantine flagging, which normally warns users about potentially unsafe file...

This CVE describes an out-of-bounds read vulnerability in macOS that could allow a malicious application to read kernel memory or cause system crashes...

This vulnerability allows attackers on the same network to intercept and view sensitive information transmitted by affected Apple devices. It affects ...

This vulnerability allows attackers to modify protected system files by restoring maliciously crafted backup files. It affects Apple devices running v...

This CVE describes a macOS vulnerability where applications could bypass security checks and access sensitive user data. It affects macOS systems befo...

This CVE describes an out-of-bounds write vulnerability in macOS file parsing that could allow an attacker to cause unexpected application termination...

A double free vulnerability in Apple operating systems allows malicious applications to execute arbitrary code with kernel privileges. This affects ma...

This vulnerability allows malicious web content to cause unexpected process crashes in Apple's WebKit browser engine. It affects users of Safari and A...

This CVE describes a memory handling vulnerability in Apple operating systems that could allow a malicious app to cause system crashes or corrupt kern...

This macOS vulnerability allows malicious applications to access removable storage devices (like USB drives) without user permission. It affects macOS...

This CVE describes an information disclosure vulnerability in Apple operating systems where a local user could potentially access sensitive user infor...

This vulnerability allows a malicious application to cause kernel memory corruption or system crashes on macOS systems. It affects macOS users running...

This vulnerability allows a malicious app to modify other applications without proper App Management permission on Apple devices. It affects iOS, iPad...

A SecureROM vulnerability in certain Apple devices allows unauthenticated local attackers with physical access to execute arbitrary code during boot v...

This macOS privilege escalation vulnerability allows local attackers to gain elevated system privileges. It affects macOS Ventura, Sonoma, and Sequoia...

This vulnerability is an out-of-bounds read (CWE-125) in Apple's WebKit browser engine that could cause unexpected process crashes when processing mal...

This vulnerability allows malicious applications to bypass browser extension authentication in Safari by exploiting a logging issue that exposes sensi...

This CVE describes a privacy preference bypass vulnerability in macOS that allows applications to circumvent user-configured privacy settings. Affecte...

This CVE describes a local privilege escalation vulnerability in macOS where improper permission validation allows a local attacker to gain elevated p...

A null pointer dereference vulnerability in Apple operating systems allows remote attackers to cause denial-of-service conditions. This affects macOS,...

This vulnerability allows command injection when copying URLs from Web Inspector in affected Apple products. Attackers could execute arbitrary command...

This macOS kernel memory corruption vulnerability allows malicious applications to cause system crashes or corrupt kernel memory, potentially leading ...

A buffer overflow vulnerability in macOS allows applications with root privileges to execute arbitrary code with kernel privileges. This could lead to...

This CVE describes a memory handling vulnerability in Apple's web content processing that could lead to denial-of-service. It affects multiple Apple o...

This CVE describes a validation logic vulnerability in Apple operating systems that allows an application to execute arbitrary code with kernel privil...

This vulnerability in Apple operating systems allows parsing a malicious file to cause unexpected app termination (denial of service). It affects user...