Filtered by vendor Apple
Subscribe
Total
2028 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-42919 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-12-14 | N/A | 5.5 MEDIUM |
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to access sensitive user data. | |||||
CVE-2023-42922 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-12-14 | N/A | 5.5 MEDIUM |
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, macOS Ventura 13.6.3, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to read sensitive location information. | |||||
CVE-2023-42898 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-12-13 | N/A | 5.5 MEDIUM |
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing an image may lead to arbitrary code execution. | |||||
CVE-2023-42923 | 1 Apple | 2 Ipados, Iphone Os | 2023-12-13 | N/A | 5.3 MEDIUM |
This issue was addressed through improved state management. This issue is fixed in iOS 17.2 and iPadOS 17.2. Private Browsing tabs may be accessed without authentication. | |||||
CVE-2023-42924 | 1 Apple | 1 Macos | 2023-12-13 | N/A | 5.5 MEDIUM |
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3. An app may be able to access sensitive user data. | |||||
CVE-2023-42932 | 1 Apple | 1 Macos | 2023-12-13 | N/A | 5.5 MEDIUM |
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access protected user data. | |||||
CVE-2023-42897 | 1 Apple | 2 Ipados, Iphone Os | 2023-12-13 | N/A | 4.6 MEDIUM |
The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker with physical access may be able to use Siri to access sensitive user data. | |||||
CVE-2023-42884 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2023-12-13 | N/A | 5.5 MEDIUM |
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. An app may be able to disclose kernel memory. | |||||
CVE-2023-42891 | 1 Apple | 1 Macos | 2023-12-13 | N/A | 5.5 MEDIUM |
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to monitor keystrokes without user permission. | |||||
CVE-2023-42842 | 1 Apple | 1 Macos | 2023-12-13 | N/A | 5.5 MEDIUM |
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An app may be able to access sensitive user data. | |||||
CVE-2023-47049 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2023-12-10 | N/A | 5.5 MEDIUM |
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-46298 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2023-12-10 | N/A | 4.4 MEDIUM |
Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. | |||||
CVE-2023-47048 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2023-12-10 | N/A | 5.5 MEDIUM |
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-44328 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-12-10 | N/A | 5.5 MEDIUM |
Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-44356 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-12-10 | N/A | 5.5 MEDIUM |
Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-38131 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2023-12-10 | N/A | 6.5 MEDIUM |
Improper input validationation for some Intel Unison software may allow an authenticated user to potentially enable denial of service via network access. | |||||
CVE-2022-43477 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2023-12-10 | N/A | 5.5 MEDIUM |
Incomplete cleanup for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. | |||||
CVE-2023-44339 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-12-10 | N/A | 5.5 MEDIUM |
Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-49321 | 4 Apple, F-secure, Linux and 1 more | 10 Macos, Atlant, Client Security and 7 more | 2023-12-10 | N/A | 5.3 MEDIUM |
Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1. | |||||
CVE-2023-44329 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-12-10 | N/A | 5.5 MEDIUM |
Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |