Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
3975 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-2034 | 8 Adobe, Apple, Google and 5 more | 14 Air, Flash Player, Macos and 11 more | 2025-02-14 | 7.5 High |
| Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037. | ||||
| CVE-2014-8439 | 5 Adobe, Apple, Linux and 2 more | 9 Air, Air Sdk, Air Sdk \& Compiler and 6 more | 2025-02-14 | 8.8 High |
| Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors. | ||||
| CVE-2024-1580 | 3 Apple, Fedoraproject, Videolan | 7 Ipados, Iphone Os, Macos and 4 more | 2025-02-13 | 5.9 Medium |
| An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d. | ||||
| CVE-2024-4558 | 4 Apple, Fedoraproject, Google and 1 more | 11 Ipados, Iphone Os, Macos and 8 more | 2025-02-13 | 9.6 Critical |
| Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-40800 | 1 Apple | 1 Macos | 2025-02-13 | 8.4 High |
| An input validation issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to modify protected parts of the file system. | ||||
| CVE-2024-40794 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-02-13 | 5.3 Medium |
| This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, Safari 17.6. Private Browsing tabs may be accessed without authentication. | ||||
| CVE-2024-40785 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2025-02-13 | 6.1 Medium |
| This issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to a cross site scripting attack. | ||||
| CVE-2024-40782 | 2 Apple, Redhat | 17 Ios, Ipad Os, Ipados and 14 more | 2025-02-13 | 9.8 Critical |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2024-40780 | 2 Apple, Redhat | 12 Ipados, Iphone Os, Macos and 9 more | 2025-02-13 | 6.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2024-40779 | 2 Apple, Redhat | 12 Ipados, Iphone Os, Macos and 9 more | 2025-02-13 | 5.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2024-40776 | 2 Apple, Redhat | 12 Ipados, Iphone Os, Macos and 9 more | 2025-02-13 | 6.5 Medium |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2010-2883 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Macos and 2 more | 2025-02-13 | 7.3 High |
| Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-0609 | 9 Adobe, Apple, Google and 6 more | 15 Acrobat, Acrobat Reader, Air and 12 more | 2025-02-13 | 7.8 High |
| Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011. | ||||
| CVE-2024-30312 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-02-13 | 5.5 Medium |
| Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-30311 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-02-13 | 5.5 Medium |
| Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-27888 | 1 Apple | 1 Macos | 2025-02-13 | 5.5 Medium |
| A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sonoma 14.4. An app may be able to modify protected parts of the file system. | ||||
| CVE-2024-27887 | 1 Apple | 1 Macos | 2025-02-13 | 6.2 Medium |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data. | ||||
| CVE-2024-27886 | 1 Apple | 1 Macos | 2025-02-13 | 5.5 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.4. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode. | ||||
| CVE-2024-27885 | 1 Apple | 1 Macos | 2025-02-13 | 6.3 Medium |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7, macOS Monterey 12.7.5. An app may be able to modify protected parts of the file system. | ||||
| CVE-2024-27884 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-02-13 | 5.5 Medium |
| This issue was addressed with a new entitlement. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, visionOS 1.2, tvOS 17.5, iOS 17.5 and iPadOS 17.5. An app may be able to access user-sensitive data. | ||||