Filtered by vendor Apple
Subscriptions
Filtered by product Garageband
Subscriptions
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-23300 | 1 Apple | 1 Garageband | 2025-02-13 | 7.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in GarageBand 10.4.11. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. | ||||
| CVE-2023-42867 | 1 Apple | 1 Garageband | 2025-01-06 | 7.8 High |
| This issue was addressed with improved validation of the process entitlement and Team ID. This issue is fixed in GarageBand 10.4.9. An app may be able to gain root privileges. | ||||
| CVE-2022-22664 | 1 Apple | 3 Garageband, Logic Pro X, Macos | 2024-11-21 | 7.8 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | ||||
| CVE-2022-22657 | 1 Apple | 3 Garageband, Logic Pro X, Macos | 2024-11-21 | 7.8 High |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | ||||
| CVE-2021-30654 | 1 Apple | 1 Garageband | 2024-11-21 | 5.5 Medium |
| This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information. | ||||
| CVE-2017-2374 | 1 Apple | 1 Garageband | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. GarageBand before 10.1.6 is affected. The issue involves the "Projects" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted GarageBand project file. | ||||
| CVE-2017-2372 | 1 Apple | 2 Garageband, Logic Pro X | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the "Projects" component, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GarageBand project file. | ||||
| CVE-2009-2198 | 1 Apple | 1 Garageband | 2024-11-21 | N/A |
| Apple GarageBand before 5.1 reconfigures Safari to accept all cookies regardless of domain name, which makes it easier for remote web servers to track users. | ||||
Page 1 of 1.