Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2023-06-23 CVE-2023-32423 Classic Buffer Overflow vulnerability in Apple products
A buffer overflow issue was addressed with improved memory handling.
network
low complexity
apple CWE-120
6.5
6.5
2023-06-23 CVE-2023-32434 Integer Overflow or Wraparound vulnerability in Apple products
An integer overflow was addressed with improved input validation.
local
low complexity
apple CWE-190
7.8
7.8
2023-06-23 CVE-2023-32435 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved state management.
network
low complexity
apple CWE-787
8.8
8.8
2023-06-23 CVE-2023-32439 Type Confusion vulnerability in multiple products
A type confusion issue was addressed with improved checks.
network
low complexity
apple webkitgtk CWE-843
8.8
8.8
2023-06-22 CVE-2023-34241 OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems.
local
low complexity
openprinting fedoraproject debian apple
7.1
7.1
2023-05-30 CVE-2023-2953 NULL Pointer Dereference vulnerability in multiple products
A vulnerability was found in openldap.
network
low complexity
openldap redhat apple netapp CWE-476
7.5
7.5
2023-05-26 CVE-2023-28319 Use After Free vulnerability in multiple products
A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash.
network
low complexity
haxx apple netapp CWE-416
7.5
7.5
2023-05-26 CVE-2023-28320 Resource Exhaustion vulnerability in multiple products
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time.
network
high complexity
haxx apple netapp CWE-400
5.9
5.9
2023-05-26 CVE-2023-28321 Improper Certificate Validation vulnerability in multiple products
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates.
network
high complexity
haxx debian fedoraproject netapp apple CWE-295
5.9
5.9
2023-05-26 CVE-2023-28322 An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback.
network
high complexity
haxx fedoraproject apple netapp
3.7
3.7