Total
2350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30937 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-04-01 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-30942 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-04-01 | 6.8 MEDIUM | 7.8 HIGH |
| Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2022-1030 | 3 Apple, Linux, Okta | 3 Macos, Linux Kernel, Advanced Server Access | 2022-04-01 | 9.3 HIGH | 8.8 HIGH |
| Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute commands on the local system. | |||||
| CVE-2022-22586 | 1 Apple | 1 Macos | 2022-03-28 | 10.0 HIGH | 9.8 CRITICAL |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-22587 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2022-03-28 | 10.0 HIGH | 9.8 CRITICAL |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. | |||||
| CVE-2022-22585 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-03-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access a user's files. | |||||
| CVE-2022-22584 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-03-28 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. Processing a maliciously crafted file may lead to arbitrary code execution. | |||||
| CVE-2022-22578 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-03-28 | 9.3 HIGH | 7.8 HIGH |
| A logic issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. A malicious application may be able to gain root privileges. | |||||
| CVE-2022-22594 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2022-03-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information. | |||||
| CVE-2022-22599 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2022-03-28 | 2.1 LOW | 2.4 LOW |
| Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen. | |||||
| CVE-2022-22579 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2022-03-28 | 9.3 HIGH | 7.8 HIGH |
| An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution. | |||||
| CVE-2022-22627 | 1 Apple | 2 Mac Os X, Macos | 2022-03-25 | 5.8 MEDIUM | 7.1 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | |||||
| CVE-2022-22593 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-03-25 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-22591 | 1 Apple | 1 Macos | 2022-03-25 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-22657 | 1 Apple | 3 Garageband, Logic Pro X, Macos | 2022-03-25 | 6.8 MEDIUM | 7.8 HIGH |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | |||||
| CVE-2022-22639 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2022-03-25 | 6.8 MEDIUM | 7.8 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges. | |||||
| CVE-2022-22664 | 1 Apple | 3 Garageband, Logic Pro X, Macos | 2022-03-25 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | |||||
| CVE-2022-22597 | 1 Apple | 2 Mac Os X, Macos | 2022-03-25 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted file may lead to arbitrary code execution. | |||||
| CVE-2022-24091 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2022-03-25 | 9.3 HIGH | 7.8 HIGH |
| Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file. | |||||
| CVE-2022-24092 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2022-03-25 | 9.3 HIGH | 7.8 HIGH |
| Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file. | |||||