Vulnerabilities in Apple

3,795 results
Vexday analysis

O ecossistema Apple acumula 3.758 CVEs catalogadas, das quais 87 estão confirmadas em exploração ativa no catálogo KEV da CISA — uma taxa que supera em 5,2 vezes a média geral do catálogo, sinalizando exposição operacional significativamente elevada. Com 154 vulnerabilidades de severidade crítica e 72 com prova de conceito pública disponível, a superfície de ataque explorável é considerável, exigindo priorização rigorosa de patches. O tipo de falha mais recorrente é CWE-200 (exposição de informações sensíveis), padrão que tende a facilitar movimentação lateral e exfiltração de dados em cadeias de ataque mais complexas. A CVE mais perigosa atualmente ativa, CVE-2021-30860, apresenta EPSS de 0,76, indicando alta probabilidade de exploração, e deve ser tratada como prioridade imediata por equipes ainda não corrigidas.

CVE-2021-30949A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS MonterEPSS 2.1%CVE-2021-30823A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, SafEPSS 2.1%CVE-2019-8535A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9EPSS 2.1%CVE-2021-1761This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security UpdateEPSS 2.1%CVE-2022-42837CRITICALAn issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOSEPSS 2.1%CVE-2019-8523Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTuEPSS 2.1%CVE-2019-8716A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-0EPSS 2.1%CVE-2024-27815MEDIUMAn out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.EPSS 2.0%CVE-2020-3877An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3, watchOS 6.1.2. A remote aEPSS 2.0%CVE-2019-8835Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iEPSS 2.0%CVE-2019-8675A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 HEPSS 2.0%CVE-2019-8811Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, EPSS 2.0%CVE-2016-4676A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote maEPSS 2.0%CVE-2019-8842A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 MojavEPSS 2.0%CVE-2021-30660An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watcEPSS 2.0%CVE-2022-42808CRITICALAn out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS VeEPSS 2.0%CVE-2020-9983An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously craftedEPSS 2.0%CVE-2019-7285A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4EPSS 2.0%CVE-2020-3862A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, SafEPSS 2.0%CVE-2022-22589A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, EPSS 2.0%