Apple macOS vulnerabilities
3,135 known vulnerabilities affecting apple/macos.
Total CVEs
3,135
CISA KEV
75
actively exploited
Public exploits
44
Exploited in wild
61
Severity breakdown
CRITICAL203HIGH1362MEDIUM1421LOW149
Vulnerabilities
Page 96 of 157
CVE-2022-32819HIGHCVSS 7.8fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23
CVE-2022-32819 [HIGH] CWE-269 CVE-2022-32819: A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPad
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.
nvd
CVE-2022-32843HIGHCVSS 7.1fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23
CVE-2022-32843 [HIGH] CWE-787 CVE-2022-32843: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Sec
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory.
nvd
CVE-2022-32790HIGHCVSS 7.5fixed in 10.15.7≥ 11.0, < 11.6.6+4 more2022-09-23
CVE-2022-32790 [HIGH] CWE-400 CVE-2022-32790: This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15
This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.6, Security Update 2022-004 Catalina. A remote user may be able to cause a denial-of-service.
nvd
CVE-2022-32820HIGHCVSS 7.8fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23
CVE-2022-32820 [HIGH] CWE-787 CVE-2022-32820: An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iO
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2022-32797HIGHCVSS 7.1fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23
CVE-2022-32797 [HIGH] CWE-20 CVE-2022-32797: This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catal
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.
nvd
CVE-2022-22624HIGHCVSS 8.8≥ 12.0, < 12.32022-09-23
CVE-2022-22624 [HIGH] CWE-416 CVE-2022-22624: A use after free issue was addressed with improved memory management. This issue is fixed in macOS M
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2022-32821HIGHCVSS 7.8≥ 12.0, < 12.5≥ unspecified, < 12.52022-09-23
CVE-2022-32821 [HIGH] CWE-787 CVE-2022-32821: A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.7
A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2022-32852HIGHCVSS 7.1≥ 12.0, < 12.5≥ unspecified, < 12.52022-09-23
CVE-2022-32852 [HIGH] CWE-125 CVE-2022-32852: An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in mac
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.
nvd
CVE-2022-22610HIGHCVSS 8.8≥ 12.0, < 12.32022-09-23
CVE-2022-22610 [HIGH] CWE-787 CVE-2022-22610: A memory corruption issue was addressed with improved state management. This issue is fixed in macOS
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to code execution.
nvd
CVE-2022-26700HIGHCVSS 8.8≥ 12.0, < 12.4≥ unspecified, < 12.4+1 more2022-09-23
CVE-2022-26700 [HIGH] CWE-787 CVE-2022-26700: A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution.
nvd
CVE-2022-32851HIGHCVSS 7.1fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23
CVE-2022-32851 [HIGH] CWE-125 CVE-2022-32851: An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Sec
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.
nvd
CVE-2022-32814HIGHCVSS 7.8≥ 11.0, < 11.6.8≥ 12.0.0, < 12.5+1 more2022-09-23
CVE-2022-32814 [HIGH] CWE-843 CVE-2022-32814: A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.
A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2022-32807HIGHCVSS 7.1fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23
CVE-2022-32807 [HIGH] CVE-2022-32807: This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-00
This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to overwrite arbitrary files.
nvd
CVE-2022-32826HIGHCVSS 7.8fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23
CVE-2022-32826 [HIGH] CWE-269 CVE-2022-32826: An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6
An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.
nvd
CVE-2022-32829HIGHCVSS 7.8≥ 12.0, < 12.5≥ unspecified, < 12.5+1 more2022-09-23
CVE-2022-32829 [HIGH] CWE-269 CVE-2022-32829: This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macO
This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2020-36521HIGHCVSS 7.1fixed in 10.15.72022-09-23
CVE-2020-36521 [HIGH] CWE-125 CVE-2020-36521: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud fo
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents.
nvd
CVE-2022-32831HIGHCVSS 7.1fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23
CVE-2022-32831 [HIGH] CWE-125 CVE-2022-32831: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Security U
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.
nvd
CVE-2022-32842HIGHCVSS 7.8fixed in 10.15.7≥ 12.0, < 12.5+3 more2022-09-23
CVE-2022-32842 [HIGH] CWE-125 CVE-2022-32842: An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Sec
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. An app may be able to gain elevated privileges.
nvd
CVE-2022-32792HIGHCVSS 8.8≥ 12.0, < 12.5≥ unspecified, < 12.52022-09-23
CVE-2022-32792 [HIGH] CWE-787 CVE-2022-32792: An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iO
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2022-22637HIGHCVSS 8.8≥ 12.0, < 12.32022-09-23
CVE-2022-22637 [HIGH] CWE-346 CVE-2022-22637: A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. A malicious website may cause unexpected cross-origin behavior.
nvd