Filtered by vendor Apple
Subscribe
Total
11236 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-43893 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2023-10-18 | N/A | 4.4 MEDIUM |
| IBM Security Verify Privilege On-Premises 11.5 could allow a privileged user to cause by using a malicious payload. IBM X-Force ID: 240634. | |||||
| CVE-2022-43891 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2023-10-18 | N/A | 5.3 MEDIUM |
| IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 240454. | |||||
| CVE-2022-22385 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2023-10-18 | N/A | 7.5 HIGH |
| IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information to an attacked due to the transmission of data in clear text. IBM X-Force ID: 221962. | |||||
| CVE-2022-22380 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2023-10-18 | N/A | 4.3 MEDIUM |
| IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity due to improperly validating certificates. IBM X-Force ID: 221957. | |||||
| CVE-2022-22375 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2023-10-18 | N/A | 8.8 HIGH |
| IBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 221681. | |||||
| CVE-2021-38859 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2023-10-18 | N/A | 5.3 MEDIUM |
| IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain version number information using a specially crafted HTTP request that could be used in further attacks against the system. IBM X-Force ID: 207899. | |||||
| CVE-2021-29913 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2023-10-18 | N/A | 7.1 HIGH |
| IBM Security Verify Privilege On-Premise 11.5 could allow an authenticated user to obtain sensitive information or perform unauthorized actions due to improper input validation. IBM X-Force ID: 207898. | |||||
| CVE-2021-20581 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2023-10-18 | N/A | 4.3 MEDIUM |
| IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 199324. | |||||
| CVE-2022-22384 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2023-10-18 | N/A | 4.3 MEDIUM |
| IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to modify messages returned from the server due to hazardous input validation. IBM X-Force ID: 221961. | |||||
| CVE-2022-22377 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2023-10-18 | N/A | 5.3 MEDIUM |
| IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 221827. | |||||
| CVE-2023-43611 | 2 Apple, F5 | 20 Macos, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 17 more | 2023-10-18 | N/A | 7.8 HIGH |
| The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. This vulnerability is due to an incomplete fix for CVE-2023-38418. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |||||
| CVE-2023-5450 | 2 Apple, F5 | 2 Macos, Big-ip Access Policy Manager | 2023-10-18 | N/A | 7.8 HIGH |
| An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2023-26370 | 3 Adobe, Apple, Microsoft | 5 Photoshop 2022, Photoshop 2023, Photoshop 2024 and 2 more | 2023-10-14 | N/A | 7.8 HIGH |
| Adobe Photoshop versions 23.5.5 (and earlier) and 24.7 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-38217 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-10-14 | N/A | 5.5 MEDIUM |
| Adobe Bridge versions 12.0.4 (and earlier) and 13.0.3 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-38216 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-10-13 | N/A | 5.5 MEDIUM |
| Adobe Bridge versions 12.0.4 (and earlier) and 13.0.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-40299 | 2 Apple, Konghq | 2 Macos, Insomnia | 2023-10-12 | N/A | 7.8 HIGH |
| Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLD_INSERT_LIBRARIES environment variable. | |||||
| CVE-2023-41067 | 1 Apple | 1 Macos | 2023-10-12 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may bypass Gatekeeper checks. | |||||
| CVE-2023-41066 | 1 Apple | 1 Macos | 2023-10-12 | N/A | 5.5 MEDIUM |
| An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. An app may be able to unexpectedly leak a user's credentials from secure text fields. | |||||
| CVE-2023-41065 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-10-12 | N/A | 3.3 LOW |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to read sensitive location information. | |||||
| CVE-2023-40541 | 1 Apple | 1 Macos | 2023-10-12 | N/A | 5.5 MEDIUM |
| This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14. A shortcut may output sensitive user data without consent. | |||||