An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information.
Max CVSS
5.5
EPSS Score
0.09%
Published
2022-09-23
Updated
2023-01-12
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution.
Max CVSS
9.3
EPSS Score
0.13%
Published
2022-03-18
Updated
2022-03-28
An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.6, watchOS 6.2.8. A malicious application may disclose restricted memory.
Max CVSS
5.5
EPSS Score
0.07%
Published
2020-10-22
Updated
2020-10-26
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A local user may be able to read kernel memory.
Max CVSS
7.1
EPSS Score
0.08%
Published
2020-06-09
Updated
2023-01-09
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A local user may be able to read kernel memory.
Max CVSS
5.5
EPSS Score
0.08%
Published
2020-06-09
Updated
2023-01-09
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to determine kernel memory layout.
Max CVSS
7.1
EPSS Score
0.11%
Published
2020-06-09
Updated
2023-01-09
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to determine another application's memory layout.
Max CVSS
5.5
EPSS Score
0.11%
Published
2020-06-09
Updated
2023-01-09
An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.
Max CVSS
3.1
EPSS Score
0.67%
Published
2020-02-05
Updated
2020-08-11
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
Max CVSS
7.1
EPSS Score
0.20%
Published
2019-08-09
Updated
2023-02-28
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
Max CVSS
7.1
EPSS Score
0.20%
Published
2019-08-09
Updated
2023-02-28
The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. This issue is fixed in macOS Catalina 10.15. A local user may be able to view a user’s locked notes.
Max CVSS
3.3
EPSS Score
0.04%
Published
2019-12-18
Updated
2022-01-01
A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
Max CVSS
5.5
EPSS Score
0.08%
Published
2019-04-03
Updated
2019-04-05
This issue was addressed by removing additional entitlements. This issue affected versions prior to macOS Mojave 10.14.1.
Max CVSS
5.5
EPSS Score
0.07%
Published
2019-04-03
Updated
2019-04-05
A configuration issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.
Max CVSS
5.5
EPSS Score
0.07%
Published
2019-04-03
Updated
2019-04-05
An information disclosure issue was addressed by removing the vulnerable code. This issue affected versions prior to macOS High Sierra 10.13.6.
Max CVSS
7.1
EPSS Score
0.07%
Published
2019-04-03
Updated
2019-04-04
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of sensitive user information.
Max CVSS
5.5
EPSS Score
0.04%
Published
2018-06-08
Updated
2019-03-07
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a persistent device identifier.
Max CVSS
5.5
EPSS Score
0.04%
Published
2018-06-08
Updated
2018-07-17
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a persistent account identifier.
Max CVSS
5.5
EPSS Score
0.04%
Published
2018-06-08
Updated
2018-07-17
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Security" component. It allows web sites to track users by leveraging the transmission of S/MIME client certificates.
Max CVSS
7.5
EPSS Score
0.22%
Published
2018-06-08
Updated
2019-03-08
In macOS High Sierra before 10.13.5, a privacy issue in the handling of Open Directory records was addressed with improved indexing.
Max CVSS
7.5
EPSS Score
0.17%
Published
2019-01-11
Updated
2020-08-24
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a privileged context or obtain sensitive information via a crafted app.
Max CVSS
9.3
EPSS Score
0.07%
Published
2018-06-08
Updated
2019-10-03
In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.
Max CVSS
7.5
EPSS Score
0.37%
Published
2019-01-11
Updated
2019-03-08
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app that leverages device properties.
Max CVSS
7.1
EPSS Score
0.06%
Published
2018-06-08
Updated
2018-07-13
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Graphics Drivers" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
Max CVSS
5.5
EPSS Score
0.05%
Published
2018-06-08
Updated
2018-07-13
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
Max CVSS
5.5
EPSS Score
0.05%
Published
2018-06-08
Updated
2018-07-13