Apple Security Vulnerabilities (CVEs)

This memory corruption vulnerability in macOS allows malicious applications to execute arbitrary code with system privileges. It affects macOS Catalin...

CVE-2020-27919 is an out-of-bounds write vulnerability in macOS image processing that could allow arbitrary code execution when processing a malicious...

This macOS kernel vulnerability allows a malicious application to exploit a race condition to execute arbitrary code with kernel privileges. It affect...

This vulnerability allows arbitrary code execution through malicious image processing. An attacker can craft a malicious image that triggers an out-of...

CVE-2020-27931 is a memory corruption vulnerability in Apple's font processing that allows arbitrary code execution when processing malicious font fil...

This CVE describes an out-of-bounds write vulnerability in macOS that allows an application to execute arbitrary code with kernel privileges. It affec...

This vulnerability allows remote code execution when cloning malicious Git repositories on case-insensitive file systems (Windows/macOS default). Atta...

This vulnerability in OpenLDAP allows attackers to cause a double-free memory corruption in the slapd daemon's saslAuthzTo processing, leading to a cr...

This vulnerability in OpenLDAP allows attackers to trigger an infinite loop in the slapd daemon by sending a specially crafted cancel_extop Cancel ope...

This vulnerability in OpenLDAP's X.509 DN parsing can cause the slapd daemon to crash when processing specially crafted certificates, leading to denia...

An integer underflow vulnerability in OpenLDAP's Certificate Exact Assertion processing can cause slapd to crash, leading to denial of service. This a...

This vulnerability in OpenLDAP's slapd daemon allows attackers to trigger a crash through malformed Values Return Filter control requests, causing den...

CVE-2020-8285 is a stack overflow vulnerability in curl's FTP wildcard parsing that allows remote attackers to crash applications or potentially execu...

This vulnerability allows remote code execution through a memory corruption flaw in Pixar OpenUSD's file parsing. Attackers can craft malicious USD fi...

CVE-2020-27918 is a use-after-free vulnerability in Apple's WebKit browser engine that allows arbitrary code execution when processing malicious web c...

CVE-2020-27903 is a privilege escalation vulnerability in macOS that allows an application to gain elevated privileges. This affects macOS systems pri...

CVE-2020-27905 is a memory corruption vulnerability in Apple's iOS, iPadOS, tvOS, and watchOS that allows a malicious application to execute arbitrary...

CVE-2020-27909 is an out-of-bounds read vulnerability in Apple's audio file processing that could allow arbitrary code execution when processing a mal...

CVE-2020-27911 is an integer overflow vulnerability in Apple operating systems that could allow a remote attacker to crash applications or execute arb...

CVE-2020-27916 is an out-of-bounds write vulnerability in Apple's audio file processing that could allow arbitrary code execution when processing mali...

This vulnerability is a use-after-free memory corruption flaw in iOS/iPadOS WebKit that allows arbitrary code execution when processing malicious web ...

CVE-2020-27930 is a memory corruption vulnerability in Apple's font processing that allows arbitrary code execution when processing malicious fonts. A...

CVE-2020-10017 is an out-of-bounds write vulnerability in Apple's audio file processing that could allow arbitrary code execution when a malicious aud...

CVE-2020-9996 is a use-after-free vulnerability in Apple operating systems that allows malicious applications to elevate privileges. This affects macO...

CVE-2020-9965 is an out-of-bounds read vulnerability in Apple operating systems that allows an application to execute arbitrary code with kernel privi...

This vulnerability allows arbitrary code execution or application crashes when processing malicious USD files on Apple devices. It affects iOS and iPa...

This CVE-2020-9981 is a use-after-free vulnerability in Apple's memory management that allows arbitrary code execution when processing malicious files...

CVE-2020-9947 is a use-after-free vulnerability in Apple's WebKit browser engine that allows arbitrary code execution when processing malicious web co...

This is a use-after-free vulnerability in Apple's WebKit browser engine that could allow arbitrary code execution when processing malicious web conten...

This CVE describes a memory corruption vulnerability in Apple operating systems that allows an application to execute arbitrary code with kernel privi...

This vulnerability allows a local attacker to bypass symlink path validation in Apple operating systems, potentially gaining elevated privileges. It a...

This CVE describes a path handling vulnerability in Apple operating systems that allows local attackers to elevate privileges through improper validat...

This CVE describes a kernel privilege escalation vulnerability in Apple's iOS, iPadOS, and tvOS. An application could exploit a logic issue to execute...

A heap overflow vulnerability in Pixar OpenUSD 20.05 allows attackers to execute arbitrary code or cause denial of service by parsing specially crafte...

CVE-2020-8037 is a memory allocation vulnerability in tcpdump's PPP decapsulator that allows attackers to trigger excessive memory consumption through...

This vulnerability is a use-after-free memory corruption flaw in Chrome's WebRTC component. It allows remote attackers to potentially execute arbitrar...

This macOS vulnerability allows malicious applications to overwrite arbitrary files on the system. It affects macOS High Sierra, Mojave, and Catalina ...

This CVE describes a logic issue in Apple's DOM implementation where a DOM object context may not have had a unique security origin. This could allow ...

This vulnerability allowed Siri Suggestions to access encrypted data without proper authorization on macOS systems. It affected macOS High Sierra, Moj...

CVE-2020-9941 is a macOS vulnerability that allows a remote attacker to unexpectedly alter application state through improved checks. This affects mac...

This vulnerability allows attackers to cause out-of-bounds memory reads when processing malicious USD (Universal Scene Description) files. Successful ...

CVE-2020-3851 is a use-after-free vulnerability in macOS that allows an application to gain elevated privileges. This affects macOS High Sierra, Mojav...

This vulnerability allows an application to gain elevated privileges on affected Apple systems. It affects multiple Apple operating systems and softwa...

This is a memory corruption vulnerability in macOS that allows an application to execute arbitrary code with kernel privileges. It affects macOS High ...

This vulnerability allows passive tracking of Apple devices via their Wi-Fi MAC addresses, which were broadcasted in probe requests. It affects users ...

This is a use-after-free vulnerability in Apple's WebKit browser engine that allows arbitrary code execution when processing malicious web content. It...

CVE-2019-8840 is an out-of-bounds read vulnerability in Xcode that could allow arbitrary code execution when compiling untrusted source code. This aff...

This memory corruption vulnerability in Apple's WebKit browser engine allows attackers to execute arbitrary code by tricking users into visiting malic...

This is a memory corruption vulnerability in macOS that allows arbitrary code execution when processing malicious web content. Attackers can exploit t...