Total
5565 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8634 | 1 Apple | 1 Mac Os X | 2022-10-14 | 6.5 MEDIUM | 8.8 HIGH |
| An authentication issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5. A user may be unexpectedly logged in to another user’s account. | |||||
| CVE-2019-8550 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2022-10-14 | 4.3 MEDIUM | 4.3 MEDIUM |
| An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing. | |||||
| CVE-2019-7108 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | |||||
| CVE-2019-7096 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7088 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2022-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7107 | 3 Adobe, Apple, Microsoft | 3 Indesign, Mac Os X, Windows | 2022-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution. Fixed in versions 13.1.1 and 14.0.2. | |||||
| CVE-2020-27896 | 1 Apple | 2 Mac Os X, Macos | 2022-10-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1. A remote attacker may be able to modify the file system. | |||||
| CVE-2019-7061 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2022-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | |||||
| CVE-2021-30833 | 1 Apple | 2 Mac Os X, Macos | 2022-10-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.0.1. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files. | |||||
| CVE-2021-30844 | 1 Apple | 2 Mac Os X, Macos | 2022-10-11 | 5.0 MEDIUM | 7.5 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A remote attacker may be able to leak memory. | |||||
| CVE-2020-10006 | 1 Apple | 1 Mac Os X | 2022-10-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to access restricted files. | |||||
| CVE-2022-32837 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2022-10-01 | N/A | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2019-20807 | 6 Apple, Canonical, Debian and 3 more | 7 Mac Os X, Ubuntu Linux, Debian Linux and 4 more | 2022-09-01 | 4.6 MEDIUM | 5.3 MEDIUM |
| In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). | |||||
| CVE-2015-3415 | 5 Apple, Canonical, Debian and 2 more | 6 Mac Os X, Watchos, Ubuntu Linux and 3 more | 2022-08-16 | 7.5 HIGH | N/A |
| The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement. | |||||
| CVE-2015-3414 | 5 Apple, Canonical, Debian and 2 more | 6 Mac Os X, Watchos, Ubuntu Linux and 3 more | 2022-08-16 | 7.5 HIGH | N/A |
| SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement. | |||||
| CVE-2015-3416 | 5 Apple, Canonical, Debian and 2 more | 6 Mac Os X, Watchos, Ubuntu Linux and 3 more | 2022-08-16 | 7.5 HIGH | N/A |
| The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement. | |||||
| CVE-2008-0035 | 1 Apple | 5 Iphone, Iphone Os, Ipod Touch and 2 more | 2022-08-09 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Foundation, as used in Apple iPhone 1.0 through 1.1.2, iPod touch 1.1 through 1.1.2, and Mac OS X 10.5 through 10.5.1, allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted URL that triggers memory corruption in Safari. | |||||
| CVE-2007-5858 | 1 Apple | 5 Iphone, Iphone Os, Ipod Touch and 2 more | 2022-08-09 | 4.3 MEDIUM | N/A |
| WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 through 1.1.2, and iPod touch 1.1 through 1.1.2 allows remote attackers to "navigate the subframes of any other page," which can be leveraged to conduct cross-site scripting (XSS) attacks and obtain sensitive information. | |||||
| CVE-2007-4671 | 2 Apple, Microsoft | 5 Iphone Os, Mac Os X, Safari and 2 more | 2022-08-09 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to "alter or access" HTTPS content via an HTTP session with a crafted web page that causes Javascript to be applied to HTTPS pages from the same domain. | |||||
| CVE-2007-3760 | 2 Apple, Microsoft | 5 Iphone Os, Mac Os X, Safari and 2 more | 2022-08-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to inject arbitrary web script or HTML via frame tags. | |||||