Filtered by vendor Apple
Subscriptions
Total
13190 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4750 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2025-02-13 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.1857. | ||||
| CVE-2023-4736 | 2 Apple, Vim | 2 Macos, Vim | 2025-02-13 | 7.8 High |
| Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833. | ||||
| CVE-2023-4735 | 2 Apple, Vim | 2 Macos, Vim | 2025-02-13 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. | ||||
| CVE-2023-4734 | 2 Apple, Vim | 2 Macos, Vim | 2025-02-13 | 7.8 High |
| Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. | ||||
| CVE-2023-4733 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2025-02-13 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.1840. | ||||
| CVE-2023-4136 | 4 Apple, Craftercms, Linux and 1 more | 4 Macos, Craftercms, Linux Kernel and 1 more | 2025-02-13 | 7.4 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27. | ||||
| CVE-2023-1409 | 3 Apple, Microsoft, Mongodb | 3 Macos, Windows, Mongodb | 2025-02-13 | 5.3 Medium |
| If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely in other platforms (e.g. Linux), it is possible that client certificate validation may not be in effect, potentially allowing client to establish a TLS connection with the server that supplies any certificate. This issue affect all MongoDB Server v6.3 versions, MongoDB Server v5.0 versions v5.0.0 to v5.0.14 and all MongoDB Server v4.4 versions. | ||||
| CVE-2023-4359 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Iphone Os, Debian Linux, Fedora and 1 more | 2025-02-13 | 5.3 Medium |
| Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2023-42956 | 2 Apple, Redhat | 6 Ipados, Iphone Os, Macos and 3 more | 2025-02-13 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service. | ||||
| CVE-2023-42890 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2025-02-13 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution. | ||||
| CVE-2023-42883 | 3 Apple, Debian, Redhat | 9 Ipados, Iphone Os, Macos and 6 more | 2025-02-13 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service. | ||||
| CVE-2023-42861 | 1 Apple | 1 Macos | 2025-02-13 | 6.5 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac. | ||||
| CVE-2023-42857 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-02-13 | 3.3 Low |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data. | ||||
| CVE-2023-42856 | 1 Apple | 1 Macos | 2025-02-13 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Processing a file may lead to unexpected app termination or arbitrary code execution. | ||||
| CVE-2023-42854 | 1 Apple | 1 Macos | 2025-02-13 | 5.5 Medium |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to cause a denial-of-service to Endpoint Security clients. | ||||
| CVE-2023-42850 | 1 Apple | 1 Macos | 2025-02-13 | 5.5 Medium |
| The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14.1. An app may be able to access sensitive user data. | ||||
| CVE-2023-42849 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-02-13 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations. | ||||
| CVE-2023-42847 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-02-13 | 7.5 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication. | ||||
| CVE-2023-42846 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2025-02-13 | 5.3 Medium |
| This issue was addressed by removing the vulnerable code. This issue is fixed in watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, tvOS 17.1, iOS 17.1 and iPadOS 17.1. A device may be passively tracked by its Wi-Fi MAC address. | ||||
| CVE-2023-42845 | 1 Apple | 4 Ios And Ipados, Ipados, Iphone Os and 1 more | 2025-02-13 | 5.3 Medium |
| An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. Photos in the Hidden Photos Album may be viewed without authentication. | ||||