CISA Catalog
Data sourced from the official CISA Known Exploited Vulnerabilities Catalog. Federal agencies are required to remediate these vulnerabilities by the due date per BOD 22-01.
KEV Entries: 1,619
Ransomware Use: 327
Overdue: 1,615
Vendors: 266
Products: 655
93 results · Page 4/4
Apple Multiple Products Memory Initialization Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, macOS, and watchOS contain a memory initialization vulnerability that may allow a malicious application to disclose kernel memory.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Type Confusion Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, macOS, and watchOS contain a type confusion vulnerability that may allow a malicious application to execute code with kernel privileges.
Required Action
Apply updates per vendor instructions.
Apple iOS, iPadOS, and watchOS Out-of-Bounds Write Vulnerability
Apple · iOS, iPadOS, and watchOS
Apple iOS, iPadOS, and watchOS Mail contains an out-of-bounds write vulnerability which may allow memory modification or application termination when processing a maliciously crafted mail message.
Required Action
Apply updates per vendor instructions.
Apple iOS, iPadOS, and watchOS Memory Corruption Vulnerability
Apple · iOS, iPadOS, and watchOS
Apple iOS, iPadOS, and watchOS Mail contains a memory corruption vulnerability that may allow heap corruption when processing a maliciously crafted mail message.
Required Action
Apply updates per vendor instructions.
Apple iOS WebKit Use-After-Free Vulnerability
Apple · iOS
Apple iOS WebKit contains a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Race Condition Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, macOS, watchOS, and tvOS contain a race condition vulnerability that may allow a malicious application to elevate privileges.
Required Action
Apply updates per vendor instructions.
Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability
Apple · iOS, iPadOS, and macOS
Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability
Apple · iOS, iPadOS, and macOS
Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability
Apple · iOS, iPadOS, and watchOS
Apple iOS, iPadOS, and watchOS WebKit contain an unspecified vulnerability that allows for universal cross-site scripting (XSS) when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products WebKit Storage Use-After-Free Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit Storage contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple iOS WebKit Buffer Overflow Vulnerability
Apple · iOS
Apple iOS WebKit contains a buffer-overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple macOS Unspecified Vulnerability
Apple · macOS
Apple macOS Transparency, Consent, and Control (TCC) contains an unspecified permissions issue which may allow a malicious application to bypass privacy preferences.
Required Action
Apply updates per vendor instructions.
Apple macOS Unspecified Vulnerability
Apple · macOS
Apple macOS contains an unspecified logic issue in System Preferences that may allow a malicious application to bypass Gatekeeper checks.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products WebKit Memory Corruption Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, macOS, watchOS, and tvOS WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products WebKit Integer Overflow Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain an integer overflow vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple iOS WebKit Memory Corruption Vulnerability
Apple · iOS
Apple iOS WebKit contains a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required Action
Apply updates per vendor instructions.
Apple iOS, iPadOS, and macOS Type Confusion Vulnerability
Apple · iOS, iPadOS, and macOS
Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in XNU that may allow a malicious application to execute code with kernel privileges.
Required Action
Apply updates per vendor instructions.
Apple Multiple Products Code Execution Vulnerability
Apple · Multiple Products
Apple iOS, iPadOS, macOS, watchOS, and tvOS contain an unspecified vulnerability that may allow an application to execute code with kernel privileges.
Required Action
Apply updates per vendor instructions.