Apple Security Vulnerabilities (CVEs)

A macOS vulnerability allows malicious applications to access Find My data, which could expose location information and device details. This affects m...

CVE-2022-48611 is a local privilege escalation vulnerability in iTunes for Windows. A local attacker can exploit a logic issue to gain elevated privil...

This vulnerability allows a malicious app to corrupt coprocessor memory on Apple devices, potentially leading to arbitrary code execution or system in...

CVE-2023-38709 is an input validation vulnerability in Apache HTTP Server that allows malicious backend applications or content generators to split HT...

This macOS vulnerability allows Remote Login sessions to bypass security controls and obtain full disk access permissions. It affects macOS systems wi...

This vulnerability allows a process to gain administrative privileges without proper authentication on affected macOS versions. It affects macOS Ventu...

This CVE describes a path handling vulnerability in Apple operating systems that allows malicious applications to escape their sandbox restrictions. I...

This vulnerability allows a remote attacker to cause denial-of-service conditions on affected Apple devices. The issue affects iOS and iPadOS devices ...

CVE-2023-42892 is a use-after-free vulnerability in macOS that allows a local attacker to elevate their privileges. This affects macOS Monterey, Ventu...

CVE-2024-2398 is a memory leak vulnerability in libcurl that occurs when HTTP/2 server push headers exceed the 1000-header limit. This allows attacker...

CVE-2024-23300 is a use-after-free vulnerability in GarageBand that allows arbitrary code execution when processing malicious files. Attackers can cra...

This vulnerability allows an application to elevate its privileges on affected Apple devices, potentially gaining unauthorized access to system resour...

This vulnerability in macOS allows attackers to execute arbitrary code by processing malicious input. It affects macOS systems before Sonoma 14.4. Use...

This is a memory corruption vulnerability in Apple operating systems that allows malicious apps to cause system crashes or write to kernel memory. It ...

This CVE describes a privilege escalation vulnerability in macOS where an application can exploit an injection flaw to gain elevated privileges. It af...

This is a memory corruption vulnerability in Apple operating systems that allows an application to execute arbitrary code with kernel privileges. It a...

This CVE describes a privilege escalation vulnerability in macOS where an application could exploit an injection flaw to gain elevated privileges. The...

This CVE describes a privilege escalation vulnerability in macOS where a malicious application could exploit a logic issue to gain elevated system pri...

This vulnerability allows a malicious app to escape its sandbox restrictions on Apple operating systems, potentially accessing system resources or oth...

A buffer overflow vulnerability in Apple's image processing components allows arbitrary code execution when processing malicious images. This affects ...

This macOS privilege escalation vulnerability allows a standard user application to gain elevated privileges after an administrator user logs in. It a...

This CVE describes a sandbox escape vulnerability in Apple operating systems that allows malicious applications to break out of their security sandbox...

This vulnerability in macOS allows processing a malicious file to cause a denial-of-service or potentially leak memory contents. It affects macOS syst...

This vulnerability allows attackers to execute arbitrary code by exploiting an out-of-bounds read when processing malicious images. It affects Apple v...

This memory handling vulnerability in Apple operating systems allows malicious apps to execute arbitrary code outside their sandbox or with elevated p...

This CVE describes a path traversal vulnerability in macOS that allows malicious applications to overwrite arbitrary files on the system. It affects m...

This is a memory corruption vulnerability (CWE-787) in Apple's web content processing components that could allow arbitrary code execution when proces...

This vulnerability in macOS allows malicious applications to abuse entitlements and privacy permissions granted to legitimate apps. Attackers could po...

This CVE describes a memory corruption vulnerability in Apple iOS/iPadOS kernel that allows attackers with kernel read/write capabilities to bypass me...

CVE-2024-23296 is a memory corruption vulnerability in Apple's iOS/iPadOS kernel that allows attackers with kernel read/write capabilities to bypass m...

This CVE describes a privilege escalation vulnerability in iOS and iPadOS where an app could bypass security boundaries and gain elevated privileges. ...

This CVE describes a privilege escalation vulnerability in Apple operating systems where improper symlink handling allows malicious applications to ga...

This vulnerability allows an attacker to cause heap corruption by tricking a user into processing a maliciously crafted image. It affects Apple device...

This is a kernel privilege escalation vulnerability in Apple operating systems where an application can bypass bounds checks to execute arbitrary code...

This macOS vulnerability allows attackers to bypass security checks and access user data through a logic issue. It affects macOS systems before Sonoma...

This macOS sandbox escape vulnerability allows malicious applications to break out of their security confinement and execute arbitrary code with eleva...

This is a memory handling vulnerability in Apple operating systems that allows an app to execute arbitrary code with kernel privileges. It affects mul...

This CVE describes memory corruption vulnerabilities in Apple's WebKit browser engine that could allow arbitrary code execution when processing malici...

A type confusion vulnerability in Apple's WebKit browser engine allows processing malicious web content to execute arbitrary code. This affects users ...

This vulnerability allows malicious shortcuts in macOS, iOS, and iPadOS to access sensitive user data without proper permission prompts. It affects us...

This is a memory corruption vulnerability (CWE-94: Improper Control of Generation of Code) in Apple operating systems that allows an application to ex...

This is a memory corruption vulnerability in macOS that could allow an attacker to execute arbitrary code or cause application crashes by processing a...

This memory handling vulnerability in Apple's WebKit browser engine allows processing malicious web content to execute arbitrary code on affected devi...

This CVE describes a use-after-free vulnerability in Apple operating systems that allows an app to execute arbitrary code with kernel privileges. It a...

A memory corruption vulnerability in macOS allows processing malicious files to cause denial-of-service or memory disclosure. This affects macOS users...

This macOS vulnerability allows an application to gain elevated privileges, potentially enabling unauthorized access to system resources. It affects m...

This CVE describes a type confusion vulnerability in Apple's kernel that could allow a remote attacker to execute arbitrary code with kernel privilege...

A type confusion vulnerability in Apple operating systems allows malicious applications to execute arbitrary code with kernel privileges. This affects...

This vulnerability in macOS allows arbitrary code execution when processing malicious files. Attackers can exploit improper input validation to execut...