Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Macos
Total 4337 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-31259 1 Apple 1 Macos 2025-05-27 N/A 7.8 HIGH
The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.5. An app may be able to gain elevated privileges.
CVE-2025-31260 1 Apple 1 Macos 2025-05-27 N/A 5.5 MEDIUM
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
CVE-2022-37877 2 Apple, Arubanetworks 2 Macos, Clearpass Policy Manager 2025-05-27 N/A 7.8 HIGH
A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address this security vulnerability.
CVE-2022-32882 1 Apple 1 Macos 2025-05-27 N/A 9.8 CRITICAL
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to bypass Privacy preferences.
CVE-2022-32861 1 Apple 2 Macos, Safari 2025-05-27 N/A 5.3 MEDIUM
A logic issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS Monterey 12.5. A user may be tracked through their IP address.
CVE-2022-32849 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2025-05-27 N/A 5.5 MEDIUM
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information.
CVE-2022-32814 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-05-27 N/A 7.8 HIGH
A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.
CVE-2022-29181 2 Apple, Nokogiri 2 Macos, Nokogiri 2025-05-27 6.4 MEDIUM 8.2 HIGH
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.
CVE-2025-24274 1 Apple 1 Macos 2025-05-27 N/A 7.8 HIGH
An input validation issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A malicious app may be able to gain root privileges.
CVE-2025-24258 1 Apple 1 Macos 2025-05-27 N/A 7.8 HIGH
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to gain root privileges.
CVE-2025-30442 1 Apple 1 Macos 2025-05-27 N/A 7.8 HIGH
The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to gain elevated privileges.
CVE-2025-24223 1 Apple 7 Ipados, Iphone Os, Macos and 4 more 2025-05-27 N/A 8.0 HIGH
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.
CVE-2025-30448 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2025-05-27 N/A 9.1 CRITICAL
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.6, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Ventura 13.7.6, macOS Sequoia 15.4. An attacker may be able to turn on sharing of an iCloud folder without authentication.
CVE-2025-30453 1 Apple 1 Macos 2025-05-27 N/A 7.8 HIGH
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. A malicious app may be able to gain root privileges.
CVE-2025-31195 1 Apple 1 Macos 2025-05-27 N/A 6.3 MEDIUM
The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandbox.
CVE-2025-31196 1 Apple 2 Ipados, Macos 2025-05-27 N/A 5.5 MEDIUM
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.
CVE-2025-31204 1 Apple 7 Ipados, Iphone Os, Macos and 4 more 2025-05-27 N/A 8.8 HIGH
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.
CVE-2025-31205 1 Apple 7 Ipados, Iphone Os, Macos and 4 more 2025-05-27 N/A 6.5 MEDIUM
The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin.
CVE-2025-31206 1 Apple 7 Ipados, Iphone Os, Macos and 4 more 2025-05-27 N/A 4.3 MEDIUM
A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2025-31208 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2025-05-27 N/A 7.5 HIGH
The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination.