CISA Catalog
Data sourced from the official CISA Known Exploited Vulnerabilities Catalog. Federal agencies are required to remediate these vulnerabilities by the due date per BOD 22-01.
KEV Entries: 1,619
Ransomware Use: 327
Overdue: 1,615
Vendors: 266
Products: 655
93 results · Page 3/4
Apple iOS and macOS Out-of-Bounds Write Vulnerability
Apple · iOS and macOS
Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing maliciously crafted web content.
Required Action
Apply updates per vendor instructions.
Apple iOS and iPadOS Buffer Overflow Vulnerability
Apple · iOS and iPadOS
Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Memory Corruption Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Memory Corruption Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, and tvOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Use-After-Free Vulnerability
Apple · Multiple Products
A use-after-free vulnerability in Apple iOS, macOS, tvOS, and watchOS could allow a malicious application to execute code with system privileges.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Memory Corruption Vulnerability
Apple · Multiple Products
Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution.
Required Action
Apply updates per vendor instructions.
Apple iOS Information Disclosure Vulnerability
Apple · iOS
The Apple iOS kernel allows attackers to obtain sensitive information from memory via a crafted application.
Required Action
Apply updates per vendor instructions.
Apple iOS Memory Corruption Vulnerability
Apple · iOS
A memory corruption vulnerability in Apple iOS kernel allows attackers to execute code in a privileged context or cause a denial-of-service (DoS) via a crafted application.
Required Action
Apply updates per vendor instructions.
Apple iOS WebKit Memory Corruption Vulnerability
Apple · iOS
Apple iOS WebKit contains a memory corruption vulnerability that allows attackers to execute remote code or cause a denial-of-service (DoS) via a crafted web site. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Memory Corruption Vulnerability
Apple · Multiple Products
Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for remote code execution.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Memory Corruption Vulnerability
Apple · Multiple Products
Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for privilege escalation.
Required Action
Apply updates per vendor instructions.
Apple iOS Memory Corruption Vulnerability
Apple · iOS
Apple iOS contains a memory corruption vulnerability which could allow an attacker to perform remote code execution.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Type Confusion Vulnerability
Apple · Multiple Products
A type confusion issue affecting multiple Apple products can lead to arbitrary code execution when processing maliciously crafted web content.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Type Confusion Vulnerability
Apple · Multiple Products
A type confusion issue affecting multiple Apple products can lead to arbitrary code execution when processing maliciously crafted web content.
Required Action
Apply updates per vendor instructions.
Apple macOS Out-of-Bounds Write Vulnerability
Apple · macOS
macOS Monterey contains an out-of-bounds write vulnerability that could allow an application to execute arbitrary code with kernel privileges.
Required Action
Apply updates per vendor instructions.
Apple macOS Out-of-Bounds Read Vulnerability
Apple · macOS
macOS Monterey contains an out-of-bounds read vulnerability that could allow an application to read kernel memory.
Required Action
Apply updates per vendor instructions.
Apple iOS, iPadOS, and macOS WebKit Use-After-Free Vulnerability
Apple · iOS, iPadOS, and macOS
Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple OS X Authentication Bypass Vulnerability
Apple · OS X
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.
Required Action
Apply updates per vendor instructions.
Apple OS X Heap-Based Buffer Overflow Vulnerability
Apple · OS X
Heap-based buffer overflow in IOHIDFamily in Apple OS X, which also affects iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.
Required Action
Apply updates per vendor instructions.
Apple Memory Corruption Vulnerability
Apple · iOS and macOS
Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.
Required Action
Apply updates per vendor instructions.
Apple iOS, iPadOS, macOS Use-After-Free Vulnerability
Apple · iOS, iPadOS, and macOS
Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple iOS and macOS Group FaceTime Vulnerability
Apple · iOS and macOS
Apple iOS and macOS Group FaceTime contains an unspecified vulnerability where the call initiator can cause the recipient's Apple device to answer unknowingly or without user interaction.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Integer Overflow Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, macOS, and watchOS CoreGraphics contain an integer overflow vulnerability which may allow code execution when processing a maliciously crafted PDF. The vulnerability is also known under the moniker of FORCEDENTRY.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Memory Corruption Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, macOS, and watchOS FontParser contain a memory corruption vulnerability which may allow for code execution when processing a maliciously crafted font.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Memory Corruption Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, macOS, and watchOS IOMobileFrameBuffer contain a memory corruption vulnerability which may allow an application to execute code with kernel privileges.
Required Action
Apply updates per vendor instructions.