Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Total 9366 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-4193 4 Apple, Debian, Fedoraproject and 1 more 4 Macos, Debian Linux, Fedora and 1 more 2022-05-17 4.3 MEDIUM 5.5 MEDIUM
vim is vulnerable to Out-of-bounds Read
CVE-2021-4173 3 Apple, Fedoraproject, Vim 3 Macos, Fedora, Vim 2022-05-17 6.8 MEDIUM 7.8 HIGH
vim is vulnerable to Use After Free
CVE-2022-0128 2 Apple, Vim 2 Macos, Vim 2022-05-17 6.8 MEDIUM 7.8 HIGH
vim is vulnerable to Out-of-bounds Read
CVE-2021-4192 4 Apple, Debian, Fedoraproject and 1 more 4 Macos, Debian Linux, Fedora and 1 more 2022-05-17 6.8 MEDIUM 7.8 HIGH
vim is vulnerable to Use After Free
CVE-2022-22665 1 Apple 1 Macos 2022-05-17 9.3 HIGH 7.8 HIGH
A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges.
CVE-2022-22589 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2022-05-17 4.3 MEDIUM 6.1 MEDIUM
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.
CVE-2021-4166 7 Apple, Debian, Fedoraproject and 4 more 7 Macos, Debian Linux, Fedora and 4 more 2022-05-17 5.8 MEDIUM 7.1 HIGH
vim is vulnerable to Out-of-bounds Read
CVE-2021-4187 3 Apple, Fedoraproject, Vim 3 Macos, Fedora, Vim 2022-05-17 6.8 MEDIUM 7.8 HIGH
vim is vulnerable to Use After Free
CVE-2021-4136 3 Apple, Fedoraproject, Vim 3 Macos, Fedora, Vim 2022-05-17 6.8 MEDIUM 7.8 HIGH
vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-22925 6 Apple, Fedoraproject, Haxx and 3 more 10 Mac Os X, Macos, Fedora and 7 more 2022-05-16 5.0 MEDIUM 5.3 MEDIUM
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application.
CVE-2022-28279 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2022-05-16 9.3 HIGH 7.8 HIGH
Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-28278 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2022-05-16 9.3 HIGH 7.8 HIGH
Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2020-8285 8 Apple, Debian, Fedoraproject and 5 more 29 Mac Os X, Macos, Debian Linux and 26 more 2022-05-13 5.0 MEDIUM 7.5 HIGH
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
CVE-2020-6147 2 Apple, Pixar 3 Ipados, Iphone Os, Openusd 2022-05-13 6.8 MEDIUM 7.8 HIGH
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow.
CVE-2020-8284 8 Apple, Debian, Fedoraproject and 5 more 28 Mac Os X, Macos, Debian Linux and 25 more 2022-05-13 4.3 MEDIUM 3.7 LOW
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.
CVE-2020-13630 9 Apple, Brocade, Canonical and 6 more 20 Icloud, Ipados, Iphone Os and 17 more 2022-05-13 4.4 MEDIUM 7.0 HIGH
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
CVE-2020-13631 8 Apple, Brocade, Canonical and 5 more 19 Icloud, Ipados, Iphone Os and 16 more 2022-05-13 2.1 LOW 5.5 MEDIUM
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
CVE-2020-8286 7 Apple, Debian, Fedoraproject and 4 more 19 Mac Os X, Macos, Debian Linux and 16 more 2022-05-13 5.0 MEDIUM 7.5 HIGH
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.
CVE-2022-28272 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2022-05-13 9.3 HIGH 7.8 HIGH
Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-28271 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2022-05-13 9.3 HIGH 7.8 HIGH
Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file.