Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Total 8573 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-11041 6 Apple, Canonical, Debian and 3 more 6 Mac Os X, Ubuntu Linux, Debian Linux and 3 more 2021-07-22 5.8 MEDIUM 7.1 HIGH
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
CVE-2019-11042 6 Apple, Canonical, Debian and 3 more 6 Mac Os X, Ubuntu Linux, Debian Linux and 3 more 2021-07-22 5.8 MEDIUM 7.1 HIGH
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
CVE-2020-7463 2 Apple, Freebsd 7 Icloud, Ipad Os, Iphone Os and 4 more 2021-07-22 4.9 MEDIUM 5.5 MEDIUM
In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-free situation may result in unintended kernel behaviour including a kernel panic.
CVE-2019-8571 1 Apple 6 Icloud, Iphone Os, Itunes and 3 more 2021-07-21 6.8 MEDIUM 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8196 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-8546 1 Apple 3 Iphone Os, Mac Os X, Watchos 2021-07-21 2.1 LOW 5.5 MEDIUM
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A local user may be able to view sensitive user information.
CVE-2019-8524 1 Apple 5 Icloud, Iphone Os, Itunes and 2 more 2021-07-21 6.8 MEDIUM 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8531 1 Apple 3 Iphone Os, Mac Os X, Watchos 2021-07-21 7.5 HIGH 9.8 CRITICAL
A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An untrusted radius server certificate may be trusted.
CVE-2019-5819 4 Apple, Fedoraproject, Google and 1 more 5 Mac Os, Fedora, Chrome and 2 more 2021-07-21 4.4 MEDIUM 7.3 HIGH
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.
CVE-2019-16455 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-4735 2 Apple, Ibm 2 Iphone Os, Maas360 2021-07-21 2.1 LOW 4.6 MEDIUM
IBM MaaS360 3.96.62 for iOS could allow an attacker with physical access to the device to obtain sensitive information from the agent outside of the container. IBM X-Force ID: 172705.
CVE-2019-7066 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7051 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7960 3 Adobe, Apple, Microsoft 3 Animate Cc, Mac Os, Windows 2021-07-21 4.4 MEDIUM 7.8 HIGH
Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
CVE-2019-8195 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-8063 3 Adobe, Apple, Microsoft 3 Creative Cloud, Mac Os X, Windows 2021-07-21 5.0 MEDIUM 7.5 HIGH
Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage.
CVE-2019-20856 2 Apple, Mattermost 2 Mac Os, Mattermost Desktop 2021-07-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.
CVE-2019-7042 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 9.3 HIGH 8.8 HIGH
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-16460 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-8597 1 Apple 7 Icloud, Iphone Os, Itunes and 4 more 2021-07-21 4.3 MEDIUM 6.5 MEDIUM
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.