CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-30899 362 Exec Code 2021-08-24 2021-11-02
7.6
None Remote High Not required Complete Complete Complete
A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.
2 CVE-2021-30868 362 Exec Code 2021-08-24 2021-11-01
7.6
None Remote High Not required Complete Complete Complete
A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.
3 CVE-2021-30857 362 Exec Code 2021-08-24 2021-11-01
7.6
None Remote High Not required Complete Complete Complete
A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges.
4 CVE-2021-30850 668 2021-10-19 2021-11-05
7.1
None Remote Medium Not required Complete None None
An access issue was addressed with improved access restrictions. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6, tvOS 15. A user may gain access to protected parts of the file system.
5 CVE-2021-30820 Exec Code 2021-10-19 2021-10-20
7.5
None Remote Low Not required Partial Partial Partial
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8. A remote attacker may be able to cause arbitrary code execution.
6 CVE-2021-30798 668 Bypass 2021-09-08 2021-09-14
7.8
None Remote Low Not required Complete None None
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences.
7 CVE-2021-30704 Exec Code 2021-09-08 2021-09-17
7.2
None Local Low Not required Complete Complete Complete
A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privileges.
8 CVE-2021-30703 415 Exec Code 2021-09-08 2021-09-17
7.2
None Local Low Not required Complete Complete Complete
A double free issue was addressed with improved memory management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privileges.
9 CVE-2021-30690 2021-09-08 2021-09-17
7.5
None Remote Low Not required Partial Partial Partial
Multiple issues in apache were addressed by updating apache to version 2.4.46. This issue is fixed in Security Update 2021-004 Mojave. Multiple issues in apache.
10 CVE-2021-30678 Exec Code 2021-09-08 2021-09-17
7.5
None Remote Low Not required Partial Partial Partial
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
11 CVE-2021-30660 125 2021-09-08 2021-09-20
7.8
None Remote Low Not required Complete None None
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A malicious application may be able to disclose kernel memory.
12 CVE-2021-30656 668 2021-09-08 2021-09-20
7.1
None Remote Medium Not required Complete None None
An access issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to determine kernel memory layout.
13 CVE-2021-30652 362 +Priv 2021-09-08 2021-09-20
7.6
None Remote High Not required Complete Complete Complete
A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to gain root privileges.
14 CVE-2021-1882 787 +Priv Mem. Corr. 2021-09-08 2021-09-20
7.5
None Remote Low Not required Partial Partial Partial
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to gain elevated privileges.
15 CVE-2021-1871 Exec Code 2021-04-02 2021-05-31
7.5
None Remote Low Not required Partial Partial Partial
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
16 CVE-2021-1870 Exec Code 2021-04-02 2021-06-02
7.5
None Remote Low Not required Partial Partial Partial
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
17 CVE-2021-1864 416 Exec Code 2021-09-08 2021-09-16
7.5
None Remote Low Not required Partial Partial Partial
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An attacker with JavaScript execution may be able to execute arbitrary code.
18 CVE-2021-1860 665 2021-09-08 2021-09-17
7.1
None Remote Medium Not required Complete None None
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to disclose kernel memory.
19 CVE-2021-1859 2021-09-08 2021-09-17
7.8
None Remote Low Not required Complete None None
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3. Locked Notes content may have been unexpectedly unlocked.
20 CVE-2021-1821 DoS 2021-10-28 2021-11-02
7.1
None Remote Medium Not required None None Complete
A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage may lead to a system denial of service.
21 CVE-2021-1818 Exec Code 2021-04-02 2021-04-08
7.5
None Remote Low Not required Partial Partial Partial
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
22 CVE-2021-1806 362 Exec Code 2021-04-02 2021-05-04
7.6
None Remote High Not required Complete Complete Complete
A race condition was addressed with additional validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary code with kernel privileges.
23 CVE-2021-1796 787 Exec Code 2021-04-02 2021-04-07
7.5
None Remote Low Not required Partial Partial Partial
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.
24 CVE-2021-1795 787 Exec Code 2021-04-02 2021-04-07
7.5
None Remote Low Not required Partial Partial Partial
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.
25 CVE-2021-1794 125 Exec Code 2021-04-02 2021-04-07
7.5
None Remote Low Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.
26 CVE-2021-1791 125 2021-04-02 2021-04-09
7.1
None Remote Medium Not required Complete None None
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application may be able to disclose kernel memory.
27 CVE-2021-1770 119 Exec Code Overflow 2021-09-08 2021-09-16
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow may result in arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A logic issue was addressed with improved state management.
28 CVE-2020-29622 362 Exec Code 2021-10-19 2021-10-22
7.6
None Remote High Not required Complete Complete Complete
A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-005 Catalina. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges.
29 CVE-2020-27950 665 2020-12-08 2021-02-11
7.1
None Remote Medium Not required Complete None None
A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory.
30 CVE-2020-27897 787 Exec Code 2021-04-02 2021-05-04
7.2
None Local Low Not required Complete Complete Complete
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges.
31 CVE-2020-9927 787 Exec Code Mem. Corr. 2020-10-22 2020-10-27
7.2
None Local Low Not required Complete Complete Complete
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges.
32 CVE-2020-9902 125 2020-10-22 2020-10-30
7.1
None Remote Medium Not required Complete None None
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to determine kernel memory layout.
33 CVE-2020-9898 2020-10-22 2020-10-27
7.5
None Remote Low Not required Partial Partial Partial
This issue was addressed with improved entitlements. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A sandboxed process may be able to circumvent sandbox restrictions.
34 CVE-2020-9895 416 Exec Code 2020-10-16 2020-10-20
7.5
None Remote Low Not required Partial Partial Partial
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
35 CVE-2020-9866 120 Exec Code Overflow 2020-10-27 2020-10-29
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A buffer overflow may result in arbitrary code execution.
36 CVE-2020-9859 400 Exec Code 2020-06-05 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.
37 CVE-2020-9850 Exec Code 2020-06-09 2020-10-16
7.5
None Remote Low Not required Partial Partial Partial
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution.
38 CVE-2020-9844 415 2020-06-09 2020-10-16
7.8
None Remote Low Not required None None Complete
A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
39 CVE-2020-9838 125 Exec Code 2020-06-09 2020-06-09
7.5
None Remote Low Not required Partial Partial Partial
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5. A remote attacker may be able to cause arbitrary code execution.
40 CVE-2020-9812 200 +Info 2020-06-09 2021-07-21
7.1
None Remote Medium Not required Complete None None
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A local user may be able to read kernel memory.
41 CVE-2020-9809 200 +Info 2020-06-09 2021-07-21
7.1
None Remote Medium Not required Complete None None
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to determine kernel memory layout.
42 CVE-2020-9769 2020-04-01 2020-04-02
7.5
None Remote Low Not required Partial Partial Partial
Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim.
43 CVE-2020-3911 120 Overflow 2020-04-01 2020-04-02
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
44 CVE-2020-3910 120 Overflow 2020-04-01 2020-04-02
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
45 CVE-2020-3909 120 Overflow 2020-04-01 2020-10-20
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
46 CVE-2020-3864 346 2020-10-27 2021-05-18
7.2
None Local Low Not required Complete Complete Complete
A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.
47 CVE-2020-3860 119 Exec Code Overflow Mem. Corr. 2020-02-27 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.
48 CVE-2020-3857 119 Exec Code Overflow Mem. Corr. 2020-02-27 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.
49 CVE-2020-3850 119 Exec Code Overflow Mem. Corr. 2020-04-01 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
50 CVE-2020-3849 119 Exec Code Overflow Mem. Corr. 2020-04-01 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
Total number of vulnerabilities : 749   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.