Filtered by vendor Apple
Subscribe
Total
9366 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-4193 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2022-05-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| vim is vulnerable to Out-of-bounds Read | |||||
| CVE-2021-4173 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2022-05-17 | 6.8 MEDIUM | 7.8 HIGH |
| vim is vulnerable to Use After Free | |||||
| CVE-2022-0128 | 2 Apple, Vim | 2 Macos, Vim | 2022-05-17 | 6.8 MEDIUM | 7.8 HIGH |
| vim is vulnerable to Out-of-bounds Read | |||||
| CVE-2021-4192 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2022-05-17 | 6.8 MEDIUM | 7.8 HIGH |
| vim is vulnerable to Use After Free | |||||
| CVE-2022-22665 | 1 Apple | 1 Macos | 2022-05-17 | 9.3 HIGH | 7.8 HIGH |
| A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges. | |||||
| CVE-2022-22589 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2022-05-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript. | |||||
| CVE-2021-4166 | 7 Apple, Debian, Fedoraproject and 4 more | 7 Macos, Debian Linux, Fedora and 4 more | 2022-05-17 | 5.8 MEDIUM | 7.1 HIGH |
| vim is vulnerable to Out-of-bounds Read | |||||
| CVE-2021-4187 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2022-05-17 | 6.8 MEDIUM | 7.8 HIGH |
| vim is vulnerable to Use After Free | |||||
| CVE-2021-4136 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2022-05-17 | 6.8 MEDIUM | 7.8 HIGH |
| vim is vulnerable to Heap-based Buffer Overflow | |||||
| CVE-2021-22925 | 6 Apple, Fedoraproject, Haxx and 3 more | 10 Mac Os X, Macos, Fedora and 7 more | 2022-05-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application. | |||||
| CVE-2022-28279 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2022-05-16 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28278 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2022-05-16 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-8285 | 8 Apple, Debian, Fedoraproject and 5 more | 29 Mac Os X, Macos, Debian Linux and 26 more | 2022-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. | |||||
| CVE-2020-6147 | 2 Apple, Pixar | 3 Ipados, Iphone Os, Openusd | 2022-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow. | |||||
| CVE-2020-8284 | 8 Apple, Debian, Fedoraproject and 5 more | 28 Mac Os X, Macos, Debian Linux and 25 more | 2022-05-13 | 4.3 MEDIUM | 3.7 LOW |
| A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. | |||||
| CVE-2020-13630 | 9 Apple, Brocade, Canonical and 6 more | 20 Icloud, Ipados, Iphone Os and 17 more | 2022-05-13 | 4.4 MEDIUM | 7.0 HIGH |
| ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | |||||
| CVE-2020-13631 | 8 Apple, Brocade, Canonical and 5 more | 19 Icloud, Ipados, Iphone Os and 16 more | 2022-05-13 | 2.1 LOW | 5.5 MEDIUM |
| SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. | |||||
| CVE-2020-8286 | 7 Apple, Debian, Fedoraproject and 4 more | 19 Mac Os X, Macos, Debian Linux and 16 more | 2022-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. | |||||
| CVE-2022-28272 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2022-05-13 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28271 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2022-05-13 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | |||||