Filtered by vendor Apple
Subscriptions
Total
13180 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-48384 | 4 Apple, Debian, Git and 1 more | 4 Xcode, Debian Linux, Git and 1 more | 2025-11-06 | 8.1 High |
| Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1. | ||||
| CVE-2025-6558 | 5 Apple, Debian, Google and 2 more | 10 Ipados, Iphone Os, Macos and 7 more | 2025-11-06 | 8.8 High |
| Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-41991 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-11-05 | 5.5 Medium |
| A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. | ||||
| CVE-2023-41992 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-11-05 | 7.8 High |
| The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. | ||||
| CVE-2023-41993 | 7 Apple, Debian, Fedoraproject and 4 more | 17 Ipad Os, Ipados, Iphone Os and 14 more | 2025-11-05 | 8.8 High |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. | ||||
| CVE-2023-42824 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-05 | 7.8 High |
| The issue was addressed with improved checks. This issue is fixed in iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6. | ||||
| CVE-2024-23222 | 2 Apple, Redhat | 11 Ipados, Iphone Os, Macos and 8 more | 2025-11-05 | 8.8 High |
| A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited. | ||||
| CVE-2025-43499 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-11-05 | 5.5 Medium |
| This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to access sensitive user data. | ||||
| CVE-2025-43495 | 1 Apple | 4 Ios, Ipad Os, Ipados and 1 more | 2025-11-05 | 5.4 Medium |
| The issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to monitor keystrokes without user permission. | ||||
| CVE-2025-43442 | 1 Apple | 4 Ios, Ipad Os, Ipados and 1 more | 2025-11-05 | 3.3 Low |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to identify what other apps a user has installed. | ||||
| CVE-2025-43389 | 1 Apple | 7 Ios, Ipados, Iphone Os and 4 more | 2025-11-05 | 5.5 Medium |
| A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to access sensitive user data. | ||||
| CVE-2025-43365 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2025-11-05 | 2.8 Low |
| A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An unprivileged process may be able to terminate a root processes. | ||||
| CVE-2024-23225 | 1 Apple | 7 Ipad Os, Ipados, Iphone Os and 4 more | 2025-11-05 | 7.8 High |
| A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. | ||||
| CVE-2024-23296 | 1 Apple | 7 Ipad Os, Ipados, Iphone Os and 4 more | 2025-11-05 | 7.8 High |
| A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. | ||||
| CVE-2025-43454 | 1 Apple | 4 Ios, Ipad Os, Ipados and 1 more | 2025-11-05 | 7.5 High |
| This issue was addressed through improved state management. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. A device may persistently fail to lock. | ||||
| CVE-2025-43481 | 1 Apple | 2 Macos, Macos Sequoia | 2025-11-05 | 5.2 Medium |
| This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2. An app may be able to break out of its sandbox. | ||||
| CVE-2025-43468 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-11-05 | 5.5 Medium |
| A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access sensitive user data. | ||||
| CVE-2025-43452 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2025-11-05 | 4.6 Medium |
| This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 26.1 and iPadOS 26.1. Keyboard suggestions may display sensitive information on the lock screen. | ||||
| CVE-2025-43409 | 1 Apple | 1 Macos | 2025-11-05 | 5.5 Medium |
| A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.2. An app may be able to access sensitive user data. | ||||
| CVE-2025-43350 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2025-11-05 | 2.4 Low |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker may be able to view restricted content from the lock screen. | ||||