Total
1010 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-32931 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app with root privileges may be able to access private information. | |||||
CVE-2023-38607 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14. An app may be able to modify Printer settings. | |||||
CVE-2022-48577 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data. | |||||
CVE-2022-48504 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data. | |||||
CVE-2022-46710 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Location data may be shared via iCloud links even if Location metadata is disabled via the Share Sheet. | |||||
CVE-2024-20715 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-17 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20714 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-17 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-42934 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-16 | N/A | 4.2 MEDIUM |
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app with root privileges may be able to access private information. | |||||
CVE-2023-42872 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-01-16 | N/A | 5.5 MEDIUM |
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to access sensitive user data. | |||||
CVE-2023-40438 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-16 | N/A | 5.5 MEDIUM |
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14, iOS 16.7 and iPadOS 16.7. An app may be able to access edited photos saved to a temporary directory. | |||||
CVE-2024-20713 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-12 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20712 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-12 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20711 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-12 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20710 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-12 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-42929 | 1 Apple | 1 Macos | 2024-01-12 | N/A | 5.5 MEDIUM |
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access protected user data. | |||||
CVE-2023-41994 | 1 Apple | 1 Macos | 2024-01-12 | N/A | 5.5 MEDIUM |
A logic issue was addressed with improved checks This issue is fixed in macOS Sonoma 14. A camera extension may be able to access the camera view from apps other than the app for which it was granted permission. | |||||
CVE-2023-41987 | 1 Apple | 1 Macos | 2024-01-12 | N/A | 5.5 MEDIUM |
This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data. | |||||
CVE-2023-40430 | 1 Apple | 1 Macos | 2024-01-12 | N/A | 5.5 MEDIUM |
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access removable volumes without user consent. | |||||
CVE-2023-40411 | 1 Apple | 1 Macos | 2024-01-12 | N/A | 5.5 MEDIUM |
This issue was addressed with improved data protection. This issue is fixed in macOS Sonoma 14. An app may be able to access user-sensitive data. | |||||
CVE-2023-41991 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-10 | N/A | 5.5 MEDIUM |
A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. |