Filtered by vendor Apple
Subscriptions
Total
12008 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4752 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2025-02-13 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.1858. | ||||
| CVE-2023-4751 | 2 Apple, Vim | 2 Macos, Vim | 2025-02-13 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. | ||||
| CVE-2023-4750 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2025-02-13 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.1857. | ||||
| CVE-2023-4738 | 2 Apple, Vim | 2 Macos, Vim | 2025-02-13 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. | ||||
| CVE-2023-4736 | 2 Apple, Vim | 2 Macos, Vim | 2025-02-13 | 7.8 High |
| Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833. | ||||
| CVE-2023-4735 | 2 Apple, Vim | 2 Macos, Vim | 2025-02-13 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. | ||||
| CVE-2023-4734 | 2 Apple, Vim | 2 Macos, Vim | 2025-02-13 | 7.8 High |
| Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. | ||||
| CVE-2023-4733 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2025-02-13 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.1840. | ||||
| CVE-2023-4136 | 4 Apple, Craftercms, Linux and 1 more | 4 Macos, Craftercms, Linux Kernel and 1 more | 2025-02-13 | 7.4 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27. | ||||
| CVE-2023-1409 | 3 Apple, Microsoft, Mongodb | 3 Macos, Windows, Mongodb | 2025-02-13 | 5.3 Medium |
| If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely in other platforms (e.g. Linux), it is possible that client certificate validation may not be in effect, potentially allowing client to establish a TLS connection with the server that supplies any certificate. This issue affect all MongoDB Server v6.3 versions, MongoDB Server v5.0 versions v5.0.0 to v5.0.14 and all MongoDB Server v4.4 versions. | ||||
| CVE-2023-44372 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-02-13 | 7.8 High |
| Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-4359 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Iphone Os, Debian Linux, Fedora and 1 more | 2025-02-13 | 5.3 Medium |
| Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2023-42956 | 2 Apple, Redhat | 5 Ipados, Iphone Os, Macos and 2 more | 2025-02-13 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service. | ||||
| CVE-2023-42950 | 2 Apple, Redhat | 8 Ipad Os, Ipados, Iphone Os and 5 more | 2025-02-13 | 8.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2023-42941 | 1 Apple | 2 Ipados, Iphone Os | 2025-02-13 | 4.8 Medium |
| The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker in a privileged network position may be able to perform a denial-of-service attack using crafted Bluetooth packets. | ||||
| CVE-2023-42938 | 1 Apple | 1 Itunes | 2025-02-13 | 7.8 High |
| A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.13.1 for Windows. A local attacker may be able to elevate their privileges. | ||||
| CVE-2023-42937 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-02-13 | 5.5 Medium |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data. | ||||
| CVE-2023-42935 | 1 Apple | 1 Macos | 2025-02-13 | 5.5 Medium |
| An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.6.4. A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen. | ||||
| CVE-2023-42932 | 1 Apple | 1 Macos | 2025-02-13 | 5.5 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access protected user data. | ||||
| CVE-2023-42926 | 1 Apple | 1 Macos | 2025-02-13 | 7.8 High |
| Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. | ||||