Apple Security Vulnerabilities (CVEs)

This CVE describes a macOS permissions vulnerability that allows applications to modify protected areas of the file system. The issue affects macOS sy...

This vulnerability allows malicious applications to bypass macOS and iOS privacy preferences by exploiting a downgrade issue in code-signing restricti...

A use-after-free vulnerability in Apple's WebKit browser engine allows processing malicious web content to cause unexpected process crashes. This affe...

This CVE describes an out-of-bounds read vulnerability in Apple's web content processing that could cause unexpected process crashes. It affects multi...

This CVE describes a local privilege escalation vulnerability in macOS that allows an attacker with existing local access to gain elevated privileges....

This macOS vulnerability allows malicious applications to bypass Privacy preferences and access restricted data containers. It affects macOS Monterey,...

This is a cross-site scripting (XSS) vulnerability in Apple's web content processing that allows attackers to inject malicious scripts into web pages ...

This CVE describes a privacy vulnerability in macOS where applications could access sensitive user data from system logs. The issue affects macOS syst...

This is a privilege escalation vulnerability in Apple operating systems where an application can execute arbitrary code with kernel privileges due to ...

This CVE describes an information disclosure vulnerability in Apple operating systems where log entries could reveal kernel memory layout details. A l...

This vulnerability allows a malicious app to bypass macOS symlink validation and access protected user data. It affects macOS systems before Sonoma 14...

A memory handling vulnerability in macOS allows processing malicious files to cause denial-of-service or memory disclosure. Affects macOS Monterey, Ve...

This vulnerability allows applications to access sensitive contact information from macOS system logs due to insufficient data redaction. It affects m...

This CVE describes a macOS permissions vulnerability where applications can bypass file system protections and modify restricted areas. It affects mac...

This vulnerability allows an app to execute arbitrary code with kernel privileges, potentially gaining full control over affected Apple devices. It af...

This CVE describes a sandbox escape vulnerability in macOS where a sandboxed process can bypass security restrictions. It affects macOS systems before...

This macOS vulnerability allows applications to access sensitive location information that should be redacted in system logs. It affects macOS users r...

A permissions issue in macOS allowed applications to gain elevated privileges beyond their intended access. This affects macOS Ventura systems before ...

This CVE describes an integer overflow vulnerability in Apple's WebKit browser engine that could allow arbitrary code execution when processing malici...

This vulnerability allows malicious webpages to fingerprint users through Apple's WebKit browser engine. It affects users of Safari and Apple devices ...

This vulnerability allows a website's permission dialog to persist after users navigate away from the site, potentially tricking users into granting u...

A permissions checking vulnerability in Apple operating systems allows malicious applications to gain root privileges. This affects macOS, iOS, and iP...

This is a memory corruption vulnerability in Apple's WebKit browser engine, allowing arbitrary code execution when processing malicious web content. I...

This CVE describes an out-of-bounds memory access vulnerability in multiple Apple operating systems that could allow a remote attacker to crash applic...

This vulnerability allows iOS/iPadOS apps to bypass App Privacy Report logging, potentially hiding their data access activities from users. It affects...

This memory handling vulnerability in Apple's WebKit browser engine allows processing malicious web content to execute arbitrary code on affected devi...

A denial-of-service vulnerability in visionOS file handling protocol allows attackers to crash devices by processing malicious web content. This affec...

This CVE describes an out-of-bounds write vulnerability in Apple operating systems that allows an app to execute arbitrary code with kernel privileges...

This memory handling vulnerability in Apple's WebKit browser engine allows processing malicious web content to execute arbitrary code on affected devi...

This vulnerability allows malicious webpages to fingerprint users by exploiting improper state management in Apple's WebKit browser engine. It affects...

This CVE describes an out-of-bounds write vulnerability in Apple operating systems that could allow an attacker to execute arbitrary code or cause app...

An authentication vulnerability in Apple's Mail application allows attackers with physical access to a device to potentially extract Mail account cred...

This vulnerability in Apple operating systems allows processing a maliciously crafted message to cause a denial-of-service condition. It affects multi...

This Apple privilege escalation vulnerability allows malicious apps to gain elevated system privileges on affected Apple devices. It impacts users run...

This CVE describes an environment variable validation vulnerability in Apple operating systems that could allow malicious applications to access sensi...

This vulnerability allows a malicious macOS application to escape its sandbox restrictions, potentially accessing system resources or other applicatio...

This vulnerability allows attackers to execute arbitrary code on macOS systems by tricking users into opening malicious TIFF image files. It affects m...

An out-of-bounds read vulnerability in AppleScript processing on macOS Monterey allows attackers to cause unexpected termination or memory disclosure....

This macOS vulnerability allows applications to bypass data container restrictions and access sensitive user data they shouldn't have permission to ac...

This is a macOS kernel privilege escalation vulnerability that allows a malicious application to execute arbitrary code with kernel-level privileges. ...

This vulnerability allows an app to bypass privacy preferences on Apple devices, potentially accessing sensitive user data without proper consent. It ...

This vulnerability allows an app to disclose kernel memory due to improper memory handling in Apple operating systems. It affects iOS, iPadOS, and mac...

This vulnerability allows malicious applications to bypass macOS Privacy preferences on Intel-based Mac computers by exploiting a downgrade issue in c...

This is a memory handling vulnerability in macOS that allows processing malicious files to cause application crashes or arbitrary code execution. It a...

This CVE describes a memory handling vulnerability in Apple operating systems that could allow an attacker to cause app crashes or execute arbitrary c...

This CVE describes a privilege escalation vulnerability in macOS where a malicious application could exploit a logic issue to gain root privileges. It...

This memory handling vulnerability in Apple operating systems allows malicious apps to execute arbitrary code with kernel privileges, potentially gain...

This macOS vulnerability allows malicious applications to execute arbitrary code outside their sandbox or with elevated privileges. It affects macOS s...

This privilege escalation vulnerability in Apple operating systems allows attackers to gain elevated system privileges. It affects iOS, iPadOS, and ma...

This CVE-2024-27789 is a logic flaw in Apple operating systems that allows applications to access sensitive user data they shouldn't normally have per...