Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Macos
Total 300 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-3640 3 Apple, Google, Microsoft 3 Macos, Chrome, Windows 2024-03-21 7.1 HIGH N/A
Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."
CVE-2002-0862 2 Apple, Microsoft 10 Macos, Internet Explorer, Office and 7 more 2024-02-09 6.8 MEDIUM N/A
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.
CVE-2023-47059 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2023-12-10 N/A 7.8 HIGH
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-47055 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2023-12-10 N/A 7.8 HIGH
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-44332 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2023-12-10 N/A 5.5 MEDIUM
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-47042 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2023-12-10 N/A 7.8 HIGH
Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-47053 3 Adobe, Apple, Microsoft 3 Audition, Macos, Windows 2023-12-10 N/A 5.5 MEDIUM
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-44334 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2023-12-10 N/A 5.5 MEDIUM
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-44335 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2023-12-10 N/A 5.5 MEDIUM
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-47052 3 Adobe, Apple, Microsoft 3 Audition, Macos, Windows 2023-12-10 N/A 5.5 MEDIUM
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-47043 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2023-12-10 N/A 7.8 HIGH
Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-47041 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2023-12-10 N/A 7.8 HIGH
Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-47060 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2023-12-10 N/A 3.3 LOW
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-47040 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2023-12-10 N/A 7.8 HIGH
Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-47057 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2023-12-10 N/A 7.8 HIGH
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-47056 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2023-12-10 N/A 7.8 HIGH
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30647 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2023-12-10 6.8 MEDIUM 7.8 HIGH
Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30655 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2023-12-10 9.3 HIGH 7.8 HIGH
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-28275 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2023-12-10 9.3 HIGH 7.8 HIGH
Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-40769 3 Adobe, Apple, Microsoft 3 Character Animator, Macos, Windows 2023-12-10 4.3 MEDIUM 3.3 LOW
Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.