CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Macos : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-42832 362 Exec Code 2022-11-01 2022-11-04
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges.
2 CVE-2022-42831 362 Exec Code 2022-11-01 2022-11-04
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges.
3 CVE-2022-42830 Exec Code 2022-11-01 2022-11-04
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges.
4 CVE-2022-42829 416 Exec Code 2022-11-01 2022-11-04
0.0
None ??? ??? ??? ??? ??? ???
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges.
5 CVE-2022-42827 787 Exec Code 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
6 CVE-2022-42825 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
This issue was addressed by removing additional entitlements. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file system.
7 CVE-2022-42824 2022-11-01 2022-11-15
0.0
None ??? ??? ??? ??? ??? ???
A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information.
8 CVE-2022-42823 843 Exec Code 2022-11-01 2022-11-15
0.0
None ??? ??? ??? ??? ??? ???
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.
9 CVE-2022-42820 Exec Code Mem. Corr. 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may cause unexpected app termination or arbitrary code execution.
10 CVE-2022-42819 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to read sensitive location information.
11 CVE-2022-42818 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. A user in a privileged network position may be able to track user activity.
12 CVE-2022-42815 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data.
13 CVE-2022-42814 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data.
14 CVE-2022-42813 295 Exec Code 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution.
15 CVE-2022-42811 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
An access issue was addressed with additional sandbox restrictions. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to access user-sensitive data.
16 CVE-2022-42810 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing a maliciously crafted USD file may disclose memory contents.
17 CVE-2022-42809 Exec Code 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution.
18 CVE-2022-42808 787 Exec Code 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. A remote user may be able to cause kernel code execution.
19 CVE-2022-42806 362 Exec Code 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.
20 CVE-2022-42803 362 Exec Code 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with improved locking. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges.
21 CVE-2022-42801 Exec Code 2022-11-01 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
A logic issue was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges.
22 CVE-2022-42800 Exec Code 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A user may be able to cause unexpected app termination or arbitrary code execution.
23 CVE-2022-42799 1021 2022-11-01 2022-11-15
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.
24 CVE-2022-42798 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. Parsing a maliciously crafted audio file may lead to disclosure of user information.
25 CVE-2022-42796 +Priv 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges.
26 CVE-2022-42795 787 Exec Code 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 16, iOS 16, macOS Ventura 13, watchOS 9. Processing a maliciously crafted image may lead to arbitrary code execution.
27 CVE-2022-42793 20 Bypass 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. An app may be able to bypass code signing checks.
28 CVE-2022-42791 362 Exec Code 2022-11-01 2022-11-10
0.0
None ??? ??? ??? ??? ??? ???
A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.
29 CVE-2022-42790 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. A user may be able to view restricted content from the lock screen.
30 CVE-2022-42789 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data.
31 CVE-2022-42788 732 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in macOS Ventura 13. A malicious application may be able to read sensitive location information.
32 CVE-2022-37434 787 Overflow 2022-08-05 2022-11-16
0.0
None ??? ??? ??? ??? ??? ???
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
33 CVE-2022-32947 Exec Code 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.
34 CVE-2022-32944 Exec Code Mem. Corr. 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to execute arbitrary code with kernel privileges.
35 CVE-2022-32941 120 Exec Code Overflow 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A buffer overflow may result in arbitrary code execution.
36 CVE-2022-32940 Exec Code 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.
37 CVE-2022-32938 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. A shortcut may be able to check the existence of an arbitrary path on the file system.
38 CVE-2022-32936 125 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to disclose kernel memory.
39 CVE-2022-32935 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
A lock screen issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. A user may be able to view restricted content from the lock screen.
40 CVE-2022-32934 Exec Code 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. A remote user may be able to cause kernel code execution.
41 CVE-2022-32928 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user in a privileged network position may be able to intercept mail credentials.
42 CVE-2022-32926 Exec Code 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16. An app with root privileges may be able to execute arbitrary code with kernel privileges.
43 CVE-2022-32924 Exec Code 2022-11-01 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6. An app may be able to execute arbitrary code with kernel privileges.
44 CVE-2022-32923 2022-11-01 2022-11-09
0.0
None ??? ??? ??? ??? ??? ???
A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app.
45 CVE-2022-32922 416 Exec Code 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing maliciously crafted web content may lead to arbitrary code execution.
46 CVE-2022-32918 Bypass 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to bypass Privacy preferences.
47 CVE-2022-32917 787 Exec Code 2022-09-20 2022-10-31
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
48 CVE-2022-32915 843 Exec Code 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.
49 CVE-2022-32914 416 Exec Code 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges.
50 CVE-2022-32913 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.
Total number of vulnerabilities : 842   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.