Apple macOS vulnerabilities
3,135 known vulnerabilities affecting apple/macos.
Total CVEs
3,135
CISA KEV
75
actively exploited
Public exploits
44
Exploited in wild
61
Severity breakdown
CRITICAL203HIGH1362MEDIUM1421LOW149
Vulnerabilities
Page 92 of 157
CVE-2022-42800HIGHCVSS 7.8≥ 11.0, < 11.7.1≥ 12.0, < 12.6.1+5 more2022-11-01
CVE-2022-42800 [HIGH] CWE-20 CVE-2022-42800: This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1,
This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A user may be able to cause unexpected app termination or arbitrary code execution.
nvd
CVE-2022-32922HIGHCVSS 8.8fixed in 13.0≥ unspecified, < 13+1 more2022-11-01
CVE-2022-32922 [HIGH] CWE-416 CVE-2022-32922: A use after free issue was addressed with improved memory management. This issue is fixed in Safari
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2022-32890HIGHCVSS 8.6fixed in 13.0≥ unspecified, < 132022-11-01
CVE-2022-32890 [HIGH] CVE-2022-32890: A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. A sandbox
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions.
nvd
CVE-2022-26716HIGHCVSS 8.8≥ 12.0.0, < 12.4≥ unspecified, < 12.4+1 more2022-11-01
CVE-2022-26716 [HIGH] CWE-787 CVE-2022-26716: A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2022-42803HIGHCVSS 7.0fixed in 12.6.1≥ unspecified, < 132022-11-01
CVE-2022-42803 [HIGH] CWE-362 CVE-2022-42803: A race condition was addressed with improved locking. This issue is fixed in tvOS 16.1, iOS 15.7.1 a
A race condition was addressed with improved locking. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2022-26710HIGHCVSS 8.8≥ 12.0.0, < 12.4≥ unspecified, < 12.42022-11-01
CVE-2022-26710 [HIGH] CWE-416 CVE-2022-26710: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2022-32924HIGHCVSS 7.8fixed in 13.0≥ 11.0, < 11.7+2 more2022-11-01
CVE-2022-32924 [HIGH] CWE-94 CVE-2022-32924: The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big S
The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6. An app may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2022-32866HIGHCVSS 7.8≥ 11.0, < 11.7≥ 12.0, < 12.6+2 more2022-11-01
CVE-2022-32866 [HIGH] CWE-787 CVE-2022-32866: The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, ma
The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2022-32905HIGHCVSS 7.8fixed in 13.0≥ unspecified, < 132022-11-01
CVE-2022-32905 [HIGH] CWE-59 CVE-2022-32905: This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges.
nvd
CVE-2022-32898HIGHCVSS 7.8fixed in 13.0≥ unspecified, < 13+2 more2022-11-01
CVE-2022-32898 [HIGH] CVE-2022-32898: The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2022-32910HIGHCVSS 7.5≥ 11.0, < 11.6.8≥ 12.0, < 12.5+3 more2022-11-01
CVE-2022-32910 [HIGH] CWE-693 CVE-2022-32910: A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS
A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.
nvd
CVE-2022-26719HIGHCVSS 8.8≥ 12.0.0, < 12.4≥ unspecified, < 12.4+1 more2022-11-01
CVE-2022-26719 [HIGH] CWE-787 CVE-2022-26719: A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2022-32892HIGHCVSS 8.6fixed in 13.0≥ unspecified, < 13+2 more2022-11-01
CVE-2022-32892 [HIGH] CVE-2022-32892: An access issue was addressed with improvements to the sandbox. This issue is fixed in Safari 16, iO
An access issue was addressed with improvements to the sandbox. This issue is fixed in Safari 16, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions.
nvd
CVE-2022-42801HIGHCVSS 7.8≥ 12.0, < 12.6.1≥ unspecified, < 132022-11-01
CVE-2022-42801 [HIGH] CWE-693 CVE-2022-42801: A logic issue was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and i
A logic issue was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2022-32944HIGHCVSS 7.8≥ 11.0, < 11.7.1≥ 12.0.0, < 12.6.1+1 more2022-11-01
CVE-2022-32944 [HIGH] CWE-787 CVE-2022-32944: A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2022-26717HIGHCVSS 8.8≥ 12.0.0, < 12.4≥ unspecified, < 12.4+1 more2022-11-01
CVE-2022-26717 [HIGH] CWE-416 CVE-2022-26717: A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2022-42809HIGHCVSS 7.8fixed in 13.0≥ unspecified, < 132022-11-01
CVE-2022-42809 [HIGH] CWE-119 CVE-2022-42809: The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. Proc
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution.
nvd
CVE-2022-42795HIGHCVSS 8.8fixed in 13.0≥ unspecified, < 13+1 more2022-11-01
CVE-2022-42795 [HIGH] CWE-787 CVE-2022-42795: A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS
A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 16, iOS 16, macOS Ventura 13, watchOS 9. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2022-32940HIGHCVSS 7.8fixed in 13.0≥ unspecified, < 132022-11-01
CVE-2022-32940 [HIGH] CWE-119 CVE-2022-32940: The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2022-26709HIGHCVSS 8.8≥ 12.0.0, < 12.4≥ unspecified, < 12.4+1 more2022-11-01
CVE-2022-26709 [HIGH] CWE-416 CVE-2022-26709: A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd