Apple Security Vulnerabilities (CVEs)

This CVE describes a macOS permissions vulnerability where applications can bypass file system protections to modify restricted areas. It affects macO...

This macOS vulnerability allows applications to access sensitive user data from system logs that should have been redacted. It affects macOS systems b...

A memory initialization vulnerability in macOS allows processing malicious files to cause unexpected application termination. This affects users runni...

A buffer overflow vulnerability in macOS texture processing allows maliciously crafted textures to cause unexpected application termination. This affe...

This macOS vulnerability allows applications to access sensitive user data due to improper environment variable validation. It affects macOS systems b...

This CVE describes a privacy vulnerability in Apple's Shortcuts app where temporary file handling could allow an app to observe data displayed to the ...

A memory handling vulnerability in macOS video processing allows malicious video files to cause application crashes. This affects users running macOS ...

This CVE describes a downgrade vulnerability in macOS code-signing restrictions that could allow an attacker to read sensitive information. The issue ...

This vulnerability allows an attacker with physical access to a locked iOS/iPadOS device to view recent photos without authentication through the Assi...

This vulnerability allows attackers to force Apple devices to disconnect from secure Wi-Fi networks by exploiting an integrity issue in Beacon Protect...

This macOS vulnerability allows applications to bypass intended permission restrictions and access sensitive user data. It affects macOS systems befor...

This vulnerability in macOS allows malicious applications to escalate privileges and gain root access. It affects macOS systems before Sequoia 15. Any...

This vulnerability allows iOS/iPadOS apps to leak sensitive user information due to insufficient data protection. It affects users running vulnerable ...

This vulnerability allows a malicious Bluetooth input device to bypass the pairing process on affected Apple devices. It affects users of iOS and iPad...

This vulnerability allows unauthorized access to Private Browsing tabs in iOS/iPadOS without proper authentication. It affects users running vulnerabl...

A race condition vulnerability in Apple's archive unpacking functionality allows attackers to write arbitrary files when processing malicious archives...

This CVE describes a memory corruption vulnerability in Apple iOS/iPadOS due to insufficient bounds checking. An attacker can cause unexpected app ter...

This CVE describes a privilege escalation vulnerability in macOS where a non-privileged user can modify restricted network settings. This affects macO...

This macOS vulnerability allows malicious websites to spoof user interface elements, potentially tricking users into unintended actions. It affects ma...

This vulnerability allows malicious applications with root privileges to modify system files on affected Apple operating systems. It affects visionOS ...

This CVE describes a permissions vulnerability in macOS that allows unauthorized applications to access a user's Photos Library. The issue affects mac...

This vulnerability allows an attacker with physical access to an iOS/iPadOS device to use Siri to access sensitive user data that should be protected....

This macOS vulnerability allows malicious applications to cause denial-of-service conditions through improper memory handling. It affects macOS system...

This macOS vulnerability allows camera extensions to bypass intended restrictions and access the internet without proper authorization. It affects mac...

This memory handling vulnerability in macOS allows applications to read restricted memory regions they shouldn't access. It affects macOS systems befo...

This vulnerability allows malicious apps to record the screen without displaying the standard recording indicator on Apple devices. It affects users o...

This vulnerability allows remote attackers to cause denial-of-service conditions on affected Apple devices through improper state management. It affec...

This CVE describes a macOS vulnerability where an application can overwrite arbitrary files on the system. This affects macOS Sonoma, Monterey, and Ve...

This vulnerability allows a malicious application to gain root privileges on affected macOS systems. It affects macOS Monterey, Ventura, and Sonoma be...

This CVE describes a logic flaw in Apple's Shortcuts automation feature that allows shortcuts to access sensitive data without user consent. Affected ...

This CVE describes a logic flaw in Apple's Shortcuts automation system that allows shortcuts to access sensitive user data without proper user consent...

This CVE describes a permissions issue in Apple operating systems that allows applications to bypass Privacy preferences. It affects users of watchOS,...

This CVE describes a logic flaw in macOS Shortcuts that allows malicious shortcuts to access sensitive user data without proper user consent prompts. ...

This vulnerability allows shortcuts to bypass internet permission requirements on Apple devices, potentially enabling unauthorized network access. It ...

This vulnerability allows shortcuts on Apple devices to bypass internet permission requirements, potentially enabling unauthorized network access. It ...

This macOS vulnerability allows malicious applications to bypass Privacy preferences by exploiting a downgrade issue in code-signing restrictions. It ...

This CVE describes an out-of-bounds read vulnerability in macOS that could allow a local attacker to cause unexpected system shutdown. The vulnerabili...

This vulnerability allows an attacker with physical access to a locked Apple device to use Siri to access sensitive user data. It affects iOS, iPadOS,...

This CVE describes a sandbox escape vulnerability in macOS where third-party app extensions may not receive proper sandbox restrictions. This could al...

This CVE describes a macOS vulnerability where applications can access sensitive user data without proper authorization. It affects macOS Sonoma, Mont...

CVE-2024-40786 is an Apple iOS/iPadOS/macOS vulnerability involving improper state management that allows attackers to view sensitive user information...

This CVE describes a type confusion vulnerability in Apple operating systems that allows a local attacker to cause unexpected system shutdowns. The is...

This CVE describes an information disclosure vulnerability in Apple operating systems where an app could access user-sensitive data without proper aut...

This CVE describes a privacy vulnerability in Apple operating systems where private browsing history may leak into system logs. The issue affects user...

An out-of-bounds read vulnerability in Apple operating systems allows processing malicious files to cause unexpected application termination. This aff...

This CVE describes a local privilege escalation vulnerability in macOS that allows an attacker with existing local access to elevate their privileges ...

This CVE describes an information disclosure vulnerability in macOS where a malicious application could access private information. The vulnerability ...

This vulnerability allows unprivileged applications on macOS to log keystrokes from other applications, including those using secure input mode. It af...