Apple macOS vulnerabilities

3,135 known vulnerabilities affecting apple/macos.

Total CVEs

3,135

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL203HIGH1362MEDIUM1421LOW149

Vulnerabilities

Page 97 of 157

CVE-2022-32801HIGHCVSS 7.8≥ 12.0, < 12.5≥ unspecified, < 12.52022-09-23

CVE-2022-32801 [HIGH] CWE-269 CVE-2022-32801: This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app ma This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be able to gain root privileges.

nvd

CVE-2022-32853HIGHCVSS 7.1fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23

CVE-2022-32853 [HIGH] CWE-125 CVE-2022-32853: An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Sec An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.

nvd

CVE-2022-32815HIGHCVSS 7.8fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23

CVE-2022-32815 [HIGH] CWE-787 CVE-2022-32815: The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15 The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges.

nvd

CVE-2022-22628HIGHCVSS 8.8≥ 12.0, < 12.32022-09-23

CVE-2022-22628 [HIGH] CWE-416 CVE-2022-22628: A use after free issue was addressed with improved memory management. This issue is fixed in macOS M A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2022-32848MEDIUMCVSS 5.5≥ 11.0, < 11.6.8≥ 12.0, < 12.5+2 more2022-09-23

CVE-2022-32848 [MEDIUM] CWE-284 CVE-2022-32848: A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to capture a user’s screen.

nvd

CVE-2022-32849MEDIUMCVSS 5.5≥ 11.0, < 11.6.8≥ 12.0, < 12.5+3 more2022-09-23

CVE-2022-32849 [MEDIUM] CWE-200 CVE-2022-32849: An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed i An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information.

nvd

CVE-2022-32783MEDIUMCVSS 5.5≥ 12.0, < 12.4≥ unspecified, < 12.42022-09-23

CVE-2022-32783 [MEDIUM] CWE-284 CVE-2022-32783: A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. An app A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. An app may gain unauthorized access to Bluetooth.

nvd

CVE-2022-32800MEDIUMCVSS 5.5fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23

CVE-2022-32800 [MEDIUM] CWE-284 CVE-2022-32800: This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catal This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system.

nvd

CVE-2022-32823MEDIUMCVSS 5.5fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23

CVE-2022-32823 [MEDIUM] CWE-665 CVE-2022-32823: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iO A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to leak sensitive user information.

nvd

CVE-2022-32789MEDIUMCVSS 5.5≥ 12.0, < 12.5≥ unspecified, < 12.52022-09-23

CVE-2022-32789 [MEDIUM] CWE-284 CVE-2022-32789: A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be able to bypass Privacy preferences.

nvd

CVE-2022-32786MEDIUMCVSS 5.5fixed in 10.15.7≥ 11.0, < 11.6.8+5 more2022-09-23

CVE-2022-32786 [MEDIUM] CWE-20 CVE-2022-32786: An issue in the handling of environment variables was addressed with improved validation. This issue An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system.

nvd

CVE-2022-32785MEDIUMCVSS 5.5fixed in 10.15.7≥ 11.0, < 11.6.8+6 more2022-09-23

CVE-2022-32785 [MEDIUM] CWE-476 CVE-2022-32785: A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 a A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing an image may lead to a denial-of-service.

nvd

CVE-2022-32799MEDIUMCVSS 5.9fixed in 10.15.7≥ 12.0, < 12.5+3 more2022-09-23

CVE-2022-32799 [MEDIUM] CWE-125 CVE-2022-32799: An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Secu An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. A user in a privileged network position may be able to leak sensitive information.

nvd

CVE-2022-32818MEDIUMCVSS 5.5≥ 12.0, < 12.5≥ unspecified, < 12.52022-09-23

CVE-2022-32818 [MEDIUM] CWE-200 CVE-2022-32818: The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5. A The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5. An app may be able to leak sensitive kernel state.

nvd

CVE-2022-32781MEDIUMCVSS 4.4fixed in 10.15.7≥ 11.0, < 11.6.8+6 more2022-09-23

CVE-2022-32781 [MEDIUM] CWE-269 CVE-2022-32781: This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4, i This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8. An app with root privileges may be able to access private information.

nvd

CVE-2022-32816MEDIUMCVSS 6.5≥ 12.0, < 12.5≥ unspecified, < 12.52022-09-23

CVE-2022-32816 [MEDIUM] CWE-451 CVE-2022-32816: The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iO The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing.

nvd

CVE-2022-32841MEDIUMCVSS 5.5≥ 12.0, < 12.5≥ unspecified, < 12.52022-09-23

CVE-2022-32841 [MEDIUM] CWE-125 CVE-2022-32841: The issue was addressed with improved memory handling. This issue is fixed in watchOS 8.7, tvOS 15.6 The issue was addressed with improved memory handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Processing a maliciously crafted image may result in disclosure of process memory.

nvd

CVE-2022-32828MEDIUMCVSS 5.5≥ 12.0, < 12.5≥ unspecified, < 12.52022-09-23

CVE-2022-32828 [MEDIUM] CVE-2022-32828: The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15 The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory.

nvd

CVE-2022-32782MEDIUMCVSS 4.4≥ 12.0, < 12.4≥ unspecified, < 12.42022-09-23

CVE-2022-32782 [MEDIUM] CWE-269 CVE-2022-32782: This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4. A This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4. An app with root privileges may be able to access private information.

nvd

CVE-2022-32825MEDIUMCVSS 5.5≥ 11.0, < 11.6.8≥ 12.0, < 12.5+2 more2022-09-23

CVE-2022-32825 [MEDIUM] CWE-200 CVE-2022-32825: The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15 The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory.

nvd

← Previous97 / 157Next →