Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
4255 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27196 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2025-05-05 | 7.8 High |
| Premiere Pro versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27198 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2025-05-05 | 7.8 High |
| Photoshop Desktop versions 25.12.1, 26.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-42799 | 4 Apple, Debian, Fedoraproject and 1 more | 9 Ipados, Iphone Os, Macos and 6 more | 2025-05-05 | 6.1 Medium |
| The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing. | ||||
| CVE-2022-42798 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-05 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. Parsing a maliciously crafted audio file may lead to disclosure of user information. | ||||
| CVE-2022-42791 | 1 Apple | 2 Iphone Os, Macos | 2025-05-05 | 7 High |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-35252 | 6 Apple, Debian, Haxx and 3 more | 21 Macos, Debian Linux, Curl and 18 more | 2025-05-05 | 3.7 Low |
| When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings. | ||||
| CVE-2022-32899 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-05-05 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-32898 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-05-05 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-32208 | 7 Apple, Debian, Fedoraproject and 4 more | 21 Macos, Debian Linux, Fedora and 18 more | 2025-05-05 | 5.9 Medium |
| When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. | ||||
| CVE-2022-32205 | 7 Apple, Debian, Fedoraproject and 4 more | 29 Macos, Debian Linux, Fedora and 26 more | 2025-05-05 | 4.3 Medium |
| A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on `foo.example.com` can set cookies that also would match for `bar.example.com`, making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method. | ||||
| CVE-2022-23308 | 7 Apple, Debian, Fedoraproject and 4 more | 46 Ipados, Iphone Os, Mac Os X and 43 more | 2025-05-05 | 7.5 High |
| valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | ||||
| CVE-2020-9715 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2025-05-05 | 7.8 High |
| Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-8246 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 9.8 Critical |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-8244 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 4.3 Medium |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2019-8243 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 4.3 Medium |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2019-8242 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 4.3 Medium |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2019-8241 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 4.3 Medium |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2023-41071 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-05 | 7.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Ventura 13.6. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-40432 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-05 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-40412 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-05 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | ||||