Search

Search Results (366292 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-32938 1 Apple 3 Ipados, Iphone Os, Macos 2025-05-06 5.3 Medium
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. A shortcut may be able to check the existence of an arbitrary path on the file system.
CVE-2022-32936 1 Apple 1 Macos 2025-05-06 5.5 Medium
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to disclose kernel memory.
CVE-2022-32935 1 Apple 3 Ipados, Iphone Os, Macos 2025-05-06 4.6 Medium
A lock screen issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. A user may be able to view restricted content from the lock screen.
CVE-2022-32934 1 Apple 1 Macos 2025-05-06 8.8 High
The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. A remote user may be able to cause kernel code execution.
CVE-2022-32932 1 Apple 3 Ipados, Iphone Os, Watchos 2025-05-06 7.8 High
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.
CVE-2022-32929 1 Apple 2 Ipados, Iphone Os 2025-05-06 5.5 Medium
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 15.7 and iPadOS 15.7, iOS 16.1 and iPadOS 16. An app may be able to access iOS backups.
CVE-2022-32928 1 Apple 3 Iphone Os, Macos, Watchos 2025-05-06 5.3 Medium
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user in a privileged network position may be able to intercept mail credentials.
CVE-2022-32910 1 Apple 2 Mac Os X, Macos 2025-05-06 7.5 High
A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.
CVE-2022-32909 1 Apple 1 Iphone Os 2025-05-06 5.5 Medium
The issue was addressed with improved handling of caches. This issue is fixed in iOS 16. An app may be able to access user-sensitive data.
CVE-2022-32887 1 Apple 1 Iphone Os 2025-05-06 7.8 High
The issue was addressed with improved memory handling. This issue is fixed in iOS 16. An app may be able to execute arbitrary code with kernel privileges.
CVE-2022-32881 1 Apple 3 Macos, Tvos, Watchos 2025-05-06 5.5 Medium
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to modify protected parts of the file system.
CVE-2022-32879 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-05-06 2.4 Low
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, tvOS 16. A user with physical access to a device may be able to access contacts from the lock screen.
CVE-2018-6340 1 Facebook 1 Hhvm 2025-05-06 8.1 High
The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over memcached server hostnames and/or ports. This affects all supported versions of HHVM (3.30 and 3.27.4 and below).
CVE-2018-6336 1 Linuxfoundation 1 Osquery 2025-05-06 7.8 High
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute. This issue affects osquery prior to v3.2.7
CVE-2018-6335 1 Facebook 1 Hhvm 2025-05-06 7.5 High
A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM (3.25.2, 3.24.6, and 3.21.10 and below) when using the proxygen server to handle HTTP2 requests.
CVE-2018-6332 1 Facebook 1 Hhvm 2025-05-06 5.9 Medium
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM (3.24.3 and 3.21.7 and below) when using the proxygen server to handle HTTP2 requests.
CVE-2018-19918 1 Cuppacms 1 Cuppacms 2025-05-06 5.4 Medium
CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI.
CVE-2018-19906 1 Razorcms 1 Razorcms 2025-05-06 5.4 Medium
Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter.
CVE-2018-19905 1 Razorcms 1 Razorcms 2025-05-06 5.4 Medium
HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter.
CVE-2018-18601 1 Guardzilla 2 Gz621w, Gz621w Firmware 2025-05-06 8.1 High
The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.