Filtered by vendor Apple
Subscriptions
Total
13327 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-43537 | 1 Apple | 1 Ios And Ipados | 2026-02-12 | N/A |
| A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5. Restoring a maliciously crafted backup file may lead to modification of protected system files. | ||||
| CVE-2026-20619 | 1 Apple | 1 Macos | 2026-02-12 | N/A |
| A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to access sensitive user data. | ||||
| CVE-2026-20630 | 1 Apple | 1 Macos | 2026-02-12 | N/A |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.3. An app may be able to access protected user data. | ||||
| CVE-2026-20642 | 1 Apple | 1 Ios And Ipados | 2026-02-12 | N/A |
| An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. A person with physical access to an iOS device may be able to access photos from the lock screen. | ||||
| CVE-2026-20646 | 1 Apple | 1 Macos | 2026-02-12 | N/A |
| A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to read sensitive location information. | ||||
| CVE-2026-20601 | 1 Apple | 1 Macos | 2026-02-12 | N/A |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.3. An app may be able to monitor keystrokes without user permission. | ||||
| CVE-2026-20602 | 1 Apple | 1 Macos | 2026-02-12 | N/A |
| The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to cause a denial-of-service. | ||||
| CVE-2026-20614 | 1 Apple | 1 Macos | 2026-02-12 | N/A |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to gain root privileges. | ||||
| CVE-2026-20615 | 1 Apple | 3 Ios And Ipados, Macos, Visionos | 2026-02-12 | N/A |
| A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to gain root privileges. | ||||
| CVE-2026-20616 | 1 Apple | 3 Ios And Ipados, Macos, Visionos | 2026-02-12 | N/A |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination. | ||||
| CVE-2026-20618 | 1 Apple | 1 Macos | 2026-02-12 | N/A |
| An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data. | ||||
| CVE-2026-20621 | 1 Apple | 3 Ios And Ipados, Macos, Visionos | 2026-02-12 | N/A |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2026-20623 | 1 Apple | 1 Macos | 2026-02-12 | N/A |
| A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26.3. An app may be able to access protected user data. | ||||
| CVE-2026-20626 | 1 Apple | 3 Ios And Ipados, Macos, Visionos | 2026-02-12 | N/A |
| This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A malicious app may be able to gain root privileges. | ||||
| CVE-2026-20629 | 1 Apple | 1 Macos | 2026-02-12 | N/A |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data. | ||||
| CVE-2026-20636 | 1 Apple | 4 Ios And Ipados, Macos, Safari and 1 more | 2026-02-12 | N/A |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-21357 | 3 Adobe, Apple, Microsoft | 4 Indesign, Indesign Desktop, Macos and 1 more | 2026-02-11 | 7.8 High |
| InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21332 | 3 Adobe, Apple, Microsoft | 4 Indesign, Indesign Desktop, Macos and 1 more | 2026-02-11 | 5.5 Medium |
| InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21358 | 3 Adobe, Apple, Microsoft | 4 Indesign, Indesign Desktop, Macos and 1 more | 2026-02-11 | 5.5 Medium |
| InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21342 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-02-11 | 7.8 High |
| Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||