Apple Security Vulnerabilities (CVEs)

This vulnerability allows arbitrary code execution on macOS systems by viewing a malicious JPEG file. Attackers can exploit memory corruption in the i...

This vulnerability allows a local attacker to bypass symlink path validation, potentially gaining elevated privileges on affected Apple devices. It af...

This vulnerability allows arbitrary code execution by processing a maliciously crafted image due to an out-of-bounds write memory corruption issue. It...

This vulnerability allows arbitrary code execution when processing maliciously crafted images due to an out-of-bounds read. It affects multiple Apple ...

An integer overflow vulnerability in Apple's image processing components allows arbitrary code execution when processing malicious images. This affect...

CVE-2020-9877 is an out-of-bounds read vulnerability in Apple's image processing that could allow arbitrary code execution when processing malicious i...

This CVE describes a buffer overflow vulnerability in Apple's USD file processing that could allow arbitrary code execution. Attackers can exploit thi...

CVE-2020-3915 is a path handling vulnerability in macOS that allows malicious applications to overwrite arbitrary files on the system. This affects ma...

This macOS vulnerability allows a user to bypass file system protections and access restricted areas. It affects macOS Catalina versions before 10.15....

CVE-2020-9779 is an out-of-bounds read vulnerability in macOS kernel memory handling that allows a local user to read kernel memory or cause system cr...

This macOS kernel vulnerability allows a malicious application to exploit a race condition to execute arbitrary code with kernel privileges. It affect...

CVE-2020-9828 is an out-of-bounds read vulnerability in macOS that allows a remote attacker to potentially leak sensitive user information. This affec...

This CVE describes a privilege escalation vulnerability in Apple operating systems where a malicious application could bypass security restrictions an...

CVE-2020-9983 is an out-of-bounds write vulnerability in Safari that allows remote code execution when processing malicious web content. Attackers can...

This vulnerability allows a remote attacker to cause a denial of service on affected Apple iOS and iPadOS devices. The specific attack vector is not p...

This vulnerability allows a remote attacker to cause denial of service by sending specially crafted input to iOS/iPadOS devices, leading to unexpected...

CVE-2020-9936 is an out-of-bounds write vulnerability in Apple's image processing components, allowing arbitrary code execution when a malicious image...

CVE-2020-9948 is a type confusion vulnerability in Safari's WebKit engine that allows malicious web content to trigger memory corruption. Successful e...

CVE-2020-9952 is a cross-site scripting (XSS) vulnerability in Apple's web content processing components. It allows attackers to execute malicious scr...

This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious audio files. It affects Apple devices running o...

CVE-2020-9893 is a use-after-free vulnerability in Apple's memory management that could allow a remote attacker to crash applications or execute arbit...

CVE-2020-9907 is a memory corruption vulnerability in Apple iOS, iPadOS, and tvOS that allows malicious applications to execute arbitrary code with ke...

This vulnerability allows a malicious attacker with arbitrary read/write capability to bypass Pointer Authentication mechanisms in Apple operating sys...

This CVE describes a Bluetooth input validation vulnerability in Apple devices that allows attackers in a privileged network position to send malforme...

This vulnerability allows an attacker with memory write capability to bypass pointer authentication codes, potentially enabling arbitrary code executi...

This vulnerability allows attackers to execute arbitrary code by tricking users into processing a malicious audio file. It affects Apple devices runni...

This vulnerability allows attackers to execute arbitrary code by tricking users into processing a malicious audio file. It affects Apple iOS, iPadOS, ...

CVE-2020-9799 is an out-of-bounds read vulnerability in macOS that allows malicious applications to execute arbitrary code with kernel privileges. Thi...

This vulnerability in libpcre (PCRE library) allows attackers to read beyond allocated memory buffers when processing certain regular expressions with...

CVE-2020-9847 is an out-of-bounds read vulnerability in macOS that allows malicious applications to potentially escape their sandbox restrictions. Thi...

This CVE describes an integer overflow vulnerability in Apple operating systems that allows malicious applications to execute arbitrary code with kern...

This vulnerability in Windows Migration Assistant allows attackers to execute arbitrary code by tricking users into running the installer from an untr...

This is a memory corruption vulnerability in Apple's iOS, iPadOS, and macOS that allows an application to execute arbitrary code with kernel privilege...

This is a memory corruption vulnerability in macOS that allows an application to execute arbitrary code with kernel privileges. It affects macOS syste...

CVE-2020-9837 is an out-of-bounds read vulnerability in Apple operating systems that allows a remote attacker to leak memory, potentially exposing sen...

This CVE describes an integer overflow vulnerability in macOS that allows an application to execute arbitrary code with kernel privileges. It affects ...

This CVE describes a cross-site scripting (XSS) vulnerability in Apple's web content processing across multiple platforms. Attackers can inject malici...

CVE-2020-9815 is an out-of-bounds read vulnerability in Apple's audio file processing that could allow arbitrary code execution when processing a mali...

CVE-2020-9817 is a privilege escalation vulnerability in macOS that allows malicious applications to gain root privileges due to improper permission v...

This CVE describes a logic issue in iOS/iPadOS that allows a remote attacker to modify the file system. The vulnerability affects Apple mobile devices...

This CVE describes a kernel privilege escalation vulnerability in macOS where a malicious application could exploit an out-of-bounds write to execute ...

This macOS vulnerability allows non-privileged users to modify restricted network settings, potentially bypassing security controls. It affects macOS ...

This vulnerability allows a remote attacker to cause a denial of service (DoS) condition on affected Apple devices by sending specially crafted input....