CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-24668 DoS 2022-02-09 2022-02-22
5.0
None Remote Low Not required None None Partial
A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error after frame parsing but before frame handling. ORIGIN and ALTSVC frames are not currently supported by swift-nio-http2, and should be ignored. However, one code path that encounters them has a deliberate trap instead. This was left behind from the original development process and was never removed. Sending an ALTSVC or ORIGIN frame does not require any special permission, so any HTTP/2 connection peer may send such a frame. For clients, this means any server to which they connect may launch this attack. For servers, anyone they allow to connect to them may launch such an attack. The attack is low-effort: it takes very little resources to send one of these frames. The impact on availability is high: receiving the frame immediately crashes the server, dropping all in-flight connections and causing the service to need to restart. It is straightforward for an attacker to repeatedly send these frames, so attackers require very few resources to achieve a substantial denial of service. The attack does not have any confidentiality or integrity risks in and of itself. This is a controlled, intentional crash. However, sudden process crashes can lead to violations of invariants in services, so it is possible that this attack can be used to trigger an error condition that has confidentiality or integrity risks. The risk can be mitigated if untrusted peers can be prevented from communicating with the service. This mitigation is not available to many services. The issue is fixed by rewriting the parsing code to correctly handle the condition. The issue was found by automated fuzzing by oss-fuzz.
2 CVE-2022-24667 190 DoS Overflow 2022-02-09 2022-02-22
5.0
None Remote Low Not required None None Partial
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. There are a number of implementation errors in the parsing of HPACK-encoded header blocks that allow maliciously crafted HPACK header blocks to cause crashes in processes using swift-nio-http2. Each of these crashes is triggered instead of an integer overflow. A malicious HPACK header block could be sent on any of the HPACK-carrying frames in a HTTP/2 connection (HEADERS and PUSH_PROMISE), at any position. Sending a HPACK header block does not require any special permission, so any HTTP/2 connection peer may send one. For clients, this means any server to which they connect may launch this attack. For servers, anyone they allow to connect to them may launch such an attack. The attack is low-effort: it takes very little resources to send an appropriately crafted field block. The impact on availability is high: receiving a frame carrying this field block immediately crashes the server, dropping all in-flight connections and causing the service to need to restart. It is straightforward for an attacker to repeatedly send appropriately crafted field blocks, so attackers require very few resources to achieve a substantial denial of service. The attack does not have any confidentiality or integrity risks in and of itself: swift-nio-http2 is parsing the field block in memory-safe code and the crash is triggered instead of an integer overflow. However, sudden process crashes can lead to violations of invariants in services, so it is possible that this attack can be used to trigger an error condition that has confidentiality or integrity risks. The risk can be mitigated if untrusted peers can be prevented from communicating with the service. This mitigation is not available to many services. The issue is fixed by rewriting the parsing code to correctly handle all conditions in the function. The principal issue was found by automated fuzzing by oss-fuzz, but several associated bugs in the same code were found by code audit and fixed at the same time
3 CVE-2022-24666 DoS 2022-02-09 2022-02-22
5.0
None Remote Low Not required None None Partial
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS frame where the frame contains priority information without any other data. This logical error caused confusion about the size of the frame, leading to a parsing error. This parsing error immediately crashes the entire process. Sending a HEADERS frame with HTTP/2 priority information does not require any special permission, so any HTTP/2 connection peer may send such a frame. For clients, this means any server to which they connect may launch this attack. For servers, anyone they allow to connect to them may launch such an attack. The attack is low-effort: it takes very little resources to send an appropriately crafted frame. The impact on availability is high: receiving the frame immediately crashes the server, dropping all in-flight connections and causing the service to need to restart. It is straightforward for an attacker to repeatedly send appropriately crafted frames, so attackers require very few resources to achieve a substantial denial of service. The attack does not have any confidentiality or integrity risks in and of itself: swift-nio-http2 is parsing the frame in memory-safe code, so the crash is safe. However, sudden process crashes can lead to violations of invariants in services, so it is possible that this attack can be used to trigger an error condition that has confidentiality or integrity risks. The risk can be mitigated if untrusted peers can be prevented from communicating with the service. This mitigation is not available to many services. The issue is fixed by rewriting the parsing code to correctly handle the condition. The issue was found by automated fuzzing by oss-fuzz.
4 CVE-2022-22653 20 2022-03-18 2022-03-24
5.0
None Remote Low Not required Partial None None
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4. A malicious website may be able to access information about the user and their devices.
5 CVE-2022-22643 2022-03-18 2022-03-24
5.0
None Remote Low Not required None Partial None
This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A user may send audio and video in a FaceTime call without knowing that they have done so.
6 CVE-2022-22627 787 2022-03-18 2022-03-26
5.8
None Remote Medium Not required Partial None Partial
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.
7 CVE-2022-22626 125 2022-03-18 2022-03-28
5.8
None Remote Medium Not required Partial None Partial
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.
8 CVE-2022-22625 125 2022-03-18 2022-03-28
5.8
None Remote Medium Not required Partial None Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.
9 CVE-2022-22609 2022-03-18 2022-03-24
5.0
None Remote Low Not required Partial None None
The issue was addressed with additional permissions checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to read other applications' settings.
10 CVE-2022-22585 59 2022-03-18 2022-03-28
5.0
None Remote Low Not required Partial None None
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access a user's files.
11 CVE-2021-30995 362 2021-08-24 2022-02-21
5.1
None Remote High Not required Partial Partial Partial
A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges.
12 CVE-2021-30984 362 Exec Code 2021-08-24 2022-02-19
5.1
None Remote High Not required Partial Partial Partial
A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.
13 CVE-2021-30966 668 2021-08-24 2021-12-29
5.0
None Remote Low Not required Partial None None
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations.
14 CVE-2021-30930 2021-08-24 2021-12-28
5.0
None Remote Low Not required Partial None None
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. An attacker may be able to track users through their IP address.
15 CVE-2021-30904 662 2021-08-24 2021-12-28
5.0
None Remote Low Not required Partial None None
A sync issue was addressed with improved state validation. This issue is fixed in macOS Monterey 12.0.1. A user's messages may continue to sync after the user has signed out of iMessage.
16 CVE-2021-30882 2021-08-24 2021-11-01
5.0
None Remote Low Not required None Partial None
A logic issue was addressed with improved validation. This issue is fixed in watchOS 8, iOS 15 and iPadOS 15. An application with microphone permission may unexpectedly access microphone input during a FaceTime call.
17 CVE-2021-30880 125 2021-08-24 2021-11-01
5.8
None Remote Medium Not required Partial None Partial
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.
18 CVE-2021-30879 125 2021-08-24 2021-11-01
5.8
None Remote Medium Not required Partial None Partial
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.
19 CVE-2021-30877 125 2021-08-24 2021-11-01
5.8
None Remote Medium Not required Partial None Partial
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.
20 CVE-2021-30876 125 2021-08-24 2021-11-01
5.8
None Remote Medium Not required Partial None Partial
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.
21 CVE-2021-30874 862 2021-08-24 2021-11-23
5.0
None Remote Low Not required None Partial None
An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. A VPN configuration may be installed by an app without user permission.
22 CVE-2021-30864 2021-08-24 2022-02-11
5.0
None Remote Low Not required None Partial None
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A sandboxed process may be able to circumvent sandbox restrictions.
23 CVE-2021-30856 863 Bypass 2021-08-24 2022-03-25
5.8
None Remote Medium Not required Partial Partial None
This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions. This issue is fixed in macOS Big Sur 11.3. A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences.
24 CVE-2021-30854 2021-08-24 2021-11-01
5.0
None Remote Low Not required None Partial None
A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions.
25 CVE-2021-30844 401 2021-10-19 2022-05-03
5.0
None Remote Low Not required Partial None None
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A remote attacker may be able to leak memory.
26 CVE-2021-30826 2021-10-19 2022-03-25
5.0
None Remote Low Not required None Partial None
A logic issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. In certain situations, the baseband would fail to enable integrity and ciphering protection.
27 CVE-2021-30800 DoS Exec Code 2021-09-08 2021-09-21
5.8
None Local Network Low Not required Partial Partial Partial
This issue was addressed with improved checks. This issue is fixed in iOS 14.7. Joining a malicious Wi-Fi network may result in a denial of service or arbitrary code execution.
28 CVE-2021-30788 2021-09-08 2021-09-15
5.8
None Remote Medium Not required Partial None Partial
This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents.
29 CVE-2021-30786 362 Exec Code 2021-09-08 2021-09-21
5.1
None Remote High Not required Partial Partial Partial
A race condition was addressed with improved state handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.
30 CVE-2021-30741 416 2021-09-08 2021-09-14
5.8
None Remote Medium Not required None Partial Partial
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.
31 CVE-2021-30729 2021-09-08 2021-09-14
5.0
None Remote Low Not required None Partial None
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.6 and iPadOS 14.6. A device may accept invalid activation results.
32 CVE-2021-30720 287 2021-09-08 2021-09-22
5.8
None Remote Medium Not required Partial Partial None
A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers.
33 CVE-2021-30715 DoS 2021-09-08 2021-09-16
5.0
None Remote Low Not required None None Partial
A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted message may lead to a denial of service.
34 CVE-2021-30710 787 DoS Mem. Corr. 2021-09-08 2021-09-16
5.8
None Remote Medium Not required Partial None Partial
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A malicious application may cause a denial of service or potentially disclose memory contents.
35 CVE-2021-30698 476 DoS 2021-09-08 2021-09-17
5.0
None Remote Low Not required None None Partial
A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Safari 14.1.1, iOS 14.6 and iPadOS 14.6. A remote attacker may be able to cause a denial of service.
36 CVE-2021-22946 319 Bypass 2021-09-29 2022-05-13
5.0
None Remote Low Not required Partial None None
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.
37 CVE-2021-22945 415 2021-09-23 2022-04-15
5.8
None Remote Medium Not required Partial None Partial
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.
38 CVE-2021-22925 908 2021-08-05 2022-05-16
5.0
None Remote Low Not required Partial None None
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application.
39 CVE-2021-4166 125 2021-12-25 2022-05-17
5.8
None Remote Medium Not required Partial None Partial
vim is vulnerable to Out-of-bounds Read
40 CVE-2021-1849 347 Bypass 2021-09-08 2021-09-20
5.0
None Remote Low Not required Partial None None
An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A malicious application may be able to bypass Privacy preferences.
41 CVE-2021-1809 125 Mem. Corr. 2021-09-08 2021-09-16
5.0
None Remote Low Not required Partial None None
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to read restricted memory.
42 CVE-2021-1808 125 Mem. Corr. 2021-09-08 2021-09-16
5.0
None Remote Low Not required Partial None None
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to read restricted memory.
43 CVE-2021-1784 732 2021-09-08 2021-09-16
5.0
None Remote Low Not required None Partial None
A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to modify protected parts of the file system.
44 CVE-2021-1764 416 DoS 2021-04-02 2021-04-09
5.0
None Remote Low Not required None None Partial
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause a denial of service.
45 CVE-2021-1761 DoS 2021-04-02 2021-04-13
5.0
None Remote Low Not required None None Partial
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause a denial of service.
46 CVE-2020-36230 617 DoS 2021-01-26 2022-04-30
5.0
None Remote Low Not required None None Partial
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.
47 CVE-2020-36229 843 DoS 2021-01-26 2022-04-13
5.0
None Remote Low Not required None None Partial
A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.
48 CVE-2020-36228 191 DoS 2021-01-26 2022-04-13
5.0
None Remote Low Not required None None Partial
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.
49 CVE-2020-36227 835 DoS 2021-01-26 2022-04-13
5.0
None Remote Low Not required None None Partial
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.
50 CVE-2020-36226 DoS 2021-01-26 2022-04-13
5.0
None Remote Low Not required None None Partial
A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.
Total number of vulnerabilities : 692   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.