Filtered by vendor Apple Subscriptions
Filtered by product Macos Subscriptions
Total 6325 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-30796 6 Apple, Linux, Microsoft and 3 more 6 Macos, Linux Kernel, Windows and 3 more 2026-07-19 7.5 High
Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Address book sync, Heartbeat sync loop modules) allows Sniffing Attacks. The client places the preset address-book password verbatim into the heartbeat sync JSON body (src/hbbs_http/sync.rs). Over an intact HTTPS session it is not exposed in transit, but it is a reusable shared secret rather than a zero-knowledge proof, so it is recovered by any party that becomes the API endpoint - under the re-homed/rogue API server (CVE-2026-30797) - and the leaked credential then authorizes the server-side address book. This vulnerability is associated with program files src/hbbs_http/sync.rs and program routines heartbeat sync body builder (emits preset-address-book-password). This issue affects RustDesk Client: through 1.4.8.
CVE-2022-37434 7 Apple, Debian, Fedoraproject and 4 more 24 Ipados, Iphone Os, Macos and 21 more 2026-07-14 9.8 Critical
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
CVE-2026-39872 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-43732 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
A path handling issue was addressed with improved validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information.
CVE-2026-43716 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2026-43745 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2026-43725 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 7.1 High
The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content outside the sandbox.
CVE-2026-43740 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may result in the disclosure of process memory.
CVE-2026-43721 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
This issue was addressed through improved state management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to silently hijack clipboard data.
CVE-2026-43715 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 8.8 High
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.
CVE-2026-43701 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 7.1 High
The issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content outside the sandbox.
CVE-2026-43742 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-43705 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 8.8 High
A type confusion issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.
CVE-2026-43734 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-43707 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
A memory corruption issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-43720 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2026-43676 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2026-43699 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-43713 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Visiting a website may leak sensitive data.
CVE-2026-43663 1 Apple 3 Ios And Ipados, Macos, Safari 2026-07-10 6.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.