Export limit exceeded: 351407 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44126 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21340 | 1 Adobe | 1 Substance 3d Designer | 2026-04-28 | 5.5 Medium |
| Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-24132 | 1 Apple | 3 Airplay Audio Software Development Kit, Airplay Video Software Development Kit, Carplay Communication Plug-in | 2026-04-28 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination. | ||||
| CVE-2025-30422 | 1 Apple | 3 Airplay Audio Software Development Kit, Airplay Video Software Development Kit, Carplay Communication Plug-in | 2026-04-28 | 6.5 Medium |
| A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination. | ||||
| CVE-2025-31238 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2026-04-28 | 7.3 High |
| The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2025-31234 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 8.2 High |
| The issue was addressed with improved input sanitization. This issue is fixed in iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5. An attacker may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2025-31209 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-28 | 6.3 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. Parsing a file may lead to disclosure of user information. | ||||
| CVE-2025-24111 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-28 | 5.5 Medium |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to cause unexpected system termination. | ||||
| CVE-2025-31263 | 1 Apple | 1 Macos | 2026-04-28 | 9.1 Critical |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to corrupt coprocessor memory. | ||||
| CVE-2025-43254 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-04-28 | 7.1 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Processing a maliciously crafted file may lead to unexpected app termination. | ||||
| CVE-2025-43239 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-04-28 | 7.1 High |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Processing a maliciously crafted file may lead to unexpected app termination. | ||||
| CVE-2025-43221 | 1 Apple | 7 Ios, Ipados, Iphone Os and 4 more | 2026-04-28 | 7.1 High |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2025-43186 | 1 Apple | 10 Ios, Ipados, Iphone Os and 7 more | 2026-04-28 | 9.8 Critical |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Parsing a file may lead to an unexpected app termination. | ||||
| CVE-2025-43284 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-04-28 | 5.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination. | ||||
| CVE-2025-43346 | 1 Apple | 7 Ios, Ipados, Iphone Os and 4 more | 2026-04-28 | 5.5 Medium |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2025-30468 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-04-28 | 6.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in iOS 26 and iPadOS 26. Private Browsing tabs may be accessed without authentication. | ||||
| CVE-2025-43287 | 1 Apple | 1 Macos | 2026-04-28 | 7.1 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26. Processing a maliciously crafted image may corrupt process memory. | ||||
| CVE-2025-43344 | 1 Apple | 8 Ios, Ipados, Iphone Os and 5 more | 2026-04-28 | 3.3 Low |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to cause unexpected system termination. | ||||
| CVE-2025-43312 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-04-28 | 5.5 Medium |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to cause unexpected system termination. | ||||
| CVE-2026-35209 | 1 Unjs | 1 Defu | 2026-04-27 | 7.5 High |
| defu is software that allows uers to assign default properties recursively. Prior to version 6.1.5, applications that pass unsanitized user input (e.g. parsed JSON request bodies, database records, or config files from untrusted sources) as the first argument to `defu()` are vulnerable to prototype pollution. A crafted payload containing a `__proto__` key can override intended default values in the merged resul. The internal `_defu` function used `Object.assign({}, defaults)` to copy the defaults object. `Object.assign` invokes the `__proto__` setter, which replaces the resulting object's `[[Prototype]]` with attacker-controlled values. Properties inherited from the polluted prototype then bypass the existing `__proto__` key guard in the `for...in` loop and land in the final result. Version 6.1.5 replaces `Object.assign({}, defaults)` with object spread (`{ ...defaults }`), which uses `[[DefineOwnProperty]]` and does not invoke the `__proto__` setter. | ||||
| CVE-2025-43435 | 1 Apple | 10 Ios, Ipad Os, Ipados and 7 more | 2026-04-27 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||