Vulnerabilidades en Apple

3795 resultados
Análisis Vexday

O ecossistema Apple acumula 3.758 CVEs catalogadas, das quais 87 estão confirmadas em exploração ativa no catálogo KEV da CISA — uma taxa que supera em 5,2 vezes a média geral do catálogo, sinalizando exposição operacional significativamente elevada. Com 154 vulnerabilidades de severidade crítica e 72 com prova de conceito pública disponível, a superfície de ataque explorável é considerável, exigindo priorização rigorosa de patches. O tipo de falha mais recorrente é CWE-200 (exposição de informações sensíveis), padrão que tende a facilitar movimentação lateral e exfiltração de dados em cadeias de ataque mais complexas. A CVE mais perigosa atualmente ativa, CVE-2021-30860, apresenta EPSS de 0,76, indicando alta probabilidade de exploração, e deve ser tratada como prioridade imediata por equipes ainda não corrigidas.

CVE-2023-42900The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2. An app may be able to access user-sensitive data.EPSS 0.3%CVE-2020-9912A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change theEPSS 0.3%CVE-2021-30815A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fiEPSS 0.3%CVE-2022-22599Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOSEPSS 0.3%CVE-2021-1836A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and iPadOS 14.5, tvOS 14.5. A local user may be ableEPSS 0.3%CVE-2020-9959A lock screen issue allowed access to messages on a locked device. This issue was addressed with improved state management. This issue is fiEPSS 0.3%CVE-2021-30719A local user may be able to cause unexpected system termination or read kernel memory. This issue is fixed in macOS Big Sur 11.4, Security UEPSS 0.3%CVE-2025-43424MEDIUMThe issue was addressed with improved bounds checks. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1. A malicious HID deviEPSS 0.3%CVE-2022-32926MEDIUMThe issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchEPSS 0.3%CVE-2024-40775MEDIUMA downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, EPSS 0.3%CVE-2025-43515HIGHThe issue was addressed by refusing external connections by default. This issue is fixed in Compressor 4.11.1. An unauthenticated user on thEPSS 0.3%CVE-2021-30908An authentication issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A EPSS 0.3%CVE-2024-44154MEDIUMA memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7. ProceEPSS 0.3%CVE-2026-28827CRITICALA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.5,EPSS 0.3%CVE-2023-23536HIGHThe issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7EPSS 0.3%CVE-2023-23530HIGHThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be abEPSS 0.3%CVE-2025-46316MEDIUMAn out-of-bounds read was addressed with improved input validation. This issue is fixed in Pages 15.1, iOS 26.1 and iPadOS 26.1, macOS TahoeEPSS 0.3%CVE-2024-23294HIGHThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.4. Processing malicious input may lead to cEPSS 0.3%CVE-2025-30429MEDIUMA path handling issue was addressed with improved validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia EPSS 0.3%CVE-2022-32781MEDIUMThis issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5, Security UpdateEPSS 0.3%