Apple

macOS

2451 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2024-23229

  • EPSS 0.03%
  • Veröffentlicht 14.05.2024 14:58:46
  • Zuletzt bearbeitet 09.12.2024 17:37:58

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.5, macOS Ventura 13.6.5, macOS Sonoma 14.4. A malicious application may be able to access Find My data.

9.6

CVE-2024-4558

Exploit
  • EPSS 1.93%
  • Veröffentlicht 07.05.2024 19:15:08
  • Zuletzt bearbeitet 04.11.2025 18:16:42

Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

6.5

CVE-2024-23271

  • EPSS 0.07%
  • Veröffentlicht 24.04.2024 17:15:47
  • Zuletzt bearbeitet 12.12.2024 14:33:00

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, Safari 17.3, tvOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior.

7.1

CVE-2024-27791

  • EPSS 0.02%
  • Veröffentlicht 24.04.2024 17:15:47
  • Zuletzt bearbeitet 04.11.2025 19:17:03

The issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, tvOS 17.3, macOS Ventura 13.6.4, iOS 16.7.5 and iPadOS 16.7.5, macOS Monterey 12.7.3, macOS Sonoma 14.3. An app may be able to corrupt coprocessor memory.

7.3

CVE-2023-38709

  • EPSS 4.47%
  • Veröffentlicht 04.04.2024 20:15:08
  • Zuletzt bearbeitet 04.11.2025 22:15:53

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

6.3

CVE-2024-24795

  • EPSS 1.22%
  • Veröffentlicht 04.04.2024 20:15:08
  • Zuletzt bearbeitet 30.06.2025 12:55:47

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, ...

8.8

CVE-2023-42913

  • EPSS 0.28%
  • Veröffentlicht 28.03.2024 16:15:08
  • Zuletzt bearbeitet 04.11.2025 20:16:56

This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions.

5.5

CVE-2023-42930

  • EPSS 0.03%
  • Veröffentlicht 28.03.2024 16:15:08
  • Zuletzt bearbeitet 04.11.2025 20:17:04

This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. An app may be able to modify protected parts of the file system.

7.8

CVE-2023-42931

  • EPSS 1.84%
  • Veröffentlicht 28.03.2024 16:15:08
  • Zuletzt bearbeitet 04.11.2025 20:17:04

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A process may gain admin privileges without proper authentication.

5.5

CVE-2023-42936

  • EPSS 0.04%
  • Veröffentlicht 28.03.2024 16:15:08
  • Zuletzt bearbeitet 04.11.2025 20:17:05

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to access user-sen...