Vulnerabilities in Apple

3,795 results
Vexday analysis

O ecossistema Apple acumula 3.758 CVEs catalogadas, das quais 87 estão confirmadas em exploração ativa no catálogo KEV da CISA — uma taxa que supera em 5,2 vezes a média geral do catálogo, sinalizando exposição operacional significativamente elevada. Com 154 vulnerabilidades de severidade crítica e 72 com prova de conceito pública disponível, a superfície de ataque explorável é considerável, exigindo priorização rigorosa de patches. O tipo de falha mais recorrente é CWE-200 (exposição de informações sensíveis), padrão que tende a facilitar movimentação lateral e exfiltração de dados em cadeias de ataque mais complexas. A CVE mais perigosa atualmente ativa, CVE-2021-30860, apresenta EPSS de 0,76, indicando alta probabilidade de exploração, e deve ser tratada como prioridade imediata por equipes ainda não corrigidas.

CVE-2025-24254HIGHThis issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS VenturaEPSS 0.8%CVE-2019-8855An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application mayEPSS 0.8%CVE-2020-9982This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Apple Music 3.4.0 for Android. A malicEPSS 0.8%CVE-2025-30425MEDIUMThis issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macEPSS 0.7%CVE-2022-32837HIGHThis issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may bEPSS 0.7%CVE-2025-24216MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS SeEPSS 0.7%CVE-2022-32882CRITICALThis issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to bypasEPSS 0.7%CVE-2025-43376HIGHA logic issue was addressed with improved state management. This issue is fixed in Safari 26, iOS 18.7.7 and iPadOS 18.7.7, iOS 26 and iPadOEPSS 0.7%CVE-2025-43222CRITICALA use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS SonomaEPSS 0.7%CVE-2024-44146CRITICALA logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sanEPSS 0.7%CVE-2022-26725A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. Photo location information may persiEPSS 0.7%CVE-2021-30804A permissions issue was addressed with improved validation. This issue is fixed in iOS 14.7. A malicious application may be able to access FEPSS 0.7%CVE-2019-6207An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issEPSS 0.7%CVE-2020-27921A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, SEPSS 0.7%CVE-2025-43193CRITICALThe issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7.EPSS 0.7%CVE-2025-43189CRITICALThis issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may EPSS 0.7%CVE-2021-30935A logic issue was addressed with improved validation. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. An appEPSS 0.7%CVE-2021-1854A call termination issue with was addressed with improved logic. This issue is fixed in iOS 14.5 and iPadOS 14.5. A legacy cellular network EPSS 0.7%CVE-2018-4433A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 HighEPSS 0.7%CVE-2022-26722A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11EPSS 0.7%