Filtered by vendor Apple
Subscriptions
Total
12826 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-43277 | 1 Apple | 7 Ios, Ipados, Macos and 4 more | 2025-09-29 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.8. Processing a maliciously crafted audio file may lead to memory corruption. | ||||
| CVE-2023-48795 | 42 9bis, Apache, Apple and 39 more | 77 Kitty, Sshd, Sshj and 74 more | 2025-09-29 | 5.9 Medium |
| The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust. | ||||
| CVE-2025-43228 | 1 Apple | 4 Ios, Ipados, Iphone Os and 1 more | 2025-09-29 | 4.3 Medium |
| The issue was addressed with improved UI. This issue is fixed in iOS 18.6 and iPadOS 18.6, Safari 18. 6. Visiting a malicious website may lead to address bar spoofing. | ||||
| CVE-2025-34190 | 4 Apple, Linux, Printerlogic and 1 more | 6 Macos, Linux Kernel, Vasion Print and 3 more | 2025-09-29 | 7.8 High |
| Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 (macOS/Linux client deployments) are vulnerable to an authentication bypass in PrinterInstallerClientService. The service requires root privileges for certain administrative operations, but these checks rely on calls to geteuid(). By preloading a malicious shared object overriding geteuid(), a local attacker can trick the service into believing it is running with root privileges. This bypass enables execution of administrative commands (e.g., enabling debug mode, managing configurations, or invoking privileged features) without proper authorization. While some actions requiring write access to protected files may still fail, the flaw effectively breaks the intended security model of the inter-process communication (IPC) system, allowing local attackers to escalate privileges and compromise system integrity. This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced. | ||||
| CVE-2025-11130 | 2 Apple, Ihongren | 2 Macos, Pptp-vpn | 2025-09-29 | 8.4 High |
| A weakness has been identified in iHongRen pptp-vpn 1.0/1.0.1 on macOS. This issue affects the function shouldAcceptNewConnection of the file HelpTool/HelperTool.m of the component XPC Service. This manipulation causes missing authentication. The attack can only be executed locally. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-34191 | 4 Apple, Linux, Printerlogic and 1 more | 6 Macos, Linux Kernel, Vasion Print and 3 more | 2025-09-29 | 8.4 High |
| Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 (macOS/Linux client deployments) contain an arbitrary file write vulnerability via the response file handling. When tasks produce output the service writes response data into files under /opt/PrinterInstallerClient/tmp/responses/ reusing the requested filename. The service follows symbolic links in the responses directory and writes as the service user (typically root), allowing a local, unprivileged user to cause the service to overwrite or create arbitrary files on the filesystem as root. This can be used to modify configuration files, replace or inject binaries or drivers, and otherwise achieve local privilege escalation and full system compromise. | ||||
| CVE-2024-53647 | 3 Apple, Google, Trendmicro | 4 Iphone Os, Android, Id Security and 1 more | 2025-09-29 | 6.5 Medium |
| Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an attacker to send an unlimited number of email verification requests without any restriction, potentially leading to abuse or denial of service. | ||||
| CVE-2025-1095 | 4 Apple, Ibm, Linux and 1 more | 4 Macos, Personal Communications, Linux Kernel and 1 more | 2025-09-29 | 8.8 High |
| IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local privilege escalation (LPE). The vulnerability allows any interactively logged in users on the target computer to run commands with full privileges in the context of NT AUTHORITY\SYSTEM. This allows for a low privileged attacker to escalate their privileges. This vulnerability is due to an incomplete fix for CVE-2024-25029. | ||||
| CVE-2025-8901 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-09-26 | 8.8 High |
| Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-8879 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-09-26 | 8.8 High |
| Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to potentially exploit heap corruption via a curated set of gestures. (Chromium security severity: High) | ||||
| CVE-2025-8011 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-09-26 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-8010 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-09-26 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-43353 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2025-09-26 | 5.5 Medium |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. Processing a maliciously crafted string may lead to heap corruption. | ||||
| CVE-2025-30438 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-09-26 | 5.5 Medium |
| This issue was addressed with improved access restrictions. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to dismiss the system notification on the Lock Screen that a recording was started. | ||||
| CVE-2025-43349 | 1 Apple | 10 Ios, Ipados, Iphone Os and 7 more | 2025-09-26 | 2.8 Low |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing a maliciously crafted video file may lead to unexpected app termination. | ||||
| CVE-2025-43346 | 1 Apple | 7 Ios, Ipados, Iphone Os and 4 more | 2025-09-26 | 5.5 Medium |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 26, watchOS 26, iOS 18.7 and iPadOS 18.7, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2025-43276 | 1 Apple | 2 Macos, Macos Sequoia | 2025-09-25 | 5.3 Medium |
| A logic error was addressed with improved error handling. This issue is fixed in macOS Sequoia 15.6. iCloud Private Relay may not activate when more than one user is logged in at the same time. | ||||
| CVE-2025-1398 | 2 Apple, Mattermost | 3 Macos, Mattermost, Mattermost Desktop | 2025-09-25 | 3.3 Low |
| Mattermost Desktop App versions <=5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via code injection. | ||||
| CVE-2025-10500 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-09-25 | 8.8 High |
| Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-10501 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-09-25 | 8.8 High |
| Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||