Apple

macOS

2451 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-46718

  • EPSS 0.04%
  • Veröffentlicht 23.06.2023 18:15:10
  • Zuletzt bearbeitet 05.12.2024 18:15:20

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to read sensitive location information

7.8

CVE-2023-23516

  • EPSS 0.04%
  • Veröffentlicht 23.06.2023 18:15:10
  • Zuletzt bearbeitet 05.12.2024 18:15:20

The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to execute arbitrary code with kernel privileges.

7.8

CVE-2023-23539

  • EPSS 0.05%
  • Veröffentlicht 23.06.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 07:46:22

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution.

7.1

CVE-2023-34241

Exploit
  • EPSS 0.05%
  • Veröffentlicht 22.06.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:06:50

OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has b...

8.8

CVE-2023-3079

Warnung Exploit
  • EPSS 1.25%
  • Veröffentlicht 05.06.2023 22:15:12
  • Zuletzt bearbeitet 24.10.2025 14:07:38

Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2023-2953

  • EPSS 1.47%
  • Veröffentlicht 30.05.2023 22:15:10
  • Zuletzt bearbeitet 10.01.2025 22:15:23

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

5.9

CVE-2023-28321

Exploit
  • EPSS 0.3%
  • Veröffentlicht 26.05.2023 21:15:16
  • Zuletzt bearbeitet 15.01.2025 16:15:26

An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function...

3.7

CVE-2023-28322

Exploit
  • EPSS 0.5%
  • Veröffentlicht 26.05.2023 21:15:16
  • Zuletzt bearbeitet 21.11.2024 07:54:50

An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if ...

5.9

CVE-2023-28320

Exploit
  • EPSS 0.64%
  • Veröffentlicht 26.05.2023 21:15:15
  • Zuletzt bearbeitet 15.01.2025 16:15:25

A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow...

7.5

CVE-2023-28319

Exploit
  • EPSS 0.32%
  • Veröffentlicht 26.05.2023 21:15:10
  • Zuletzt bearbeitet 15.01.2025 16:15:25

A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error m...