Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Mac Os
Total 861 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-3788 3 Adobe, Apple, Microsoft 4 Photoshop 2020, Photoshop Cc, Mac Os and 1 more 2021-07-21 7.5 HIGH 9.8 CRITICAL
Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2020-3787 3 Adobe, Apple, Microsoft 4 Photoshop 2020, Photoshop Cc, Mac Os and 1 more 2021-07-21 7.5 HIGH 9.8 CRITICAL
Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2020-3785 3 Adobe, Apple, Microsoft 4 Photoshop 2020, Photoshop Cc, Mac Os and 1 more 2021-07-21 7.5 HIGH 9.8 CRITICAL
Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2020-3762 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system write.
CVE-2019-8196 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2020-24559 2 Apple, Trendmicro 2 Mac Os, Apex One 2021-07-21 7.2 HIGH 7.8 HIGH
A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow an attacker to manipulate a certain binary to load and run a script from a user-writable folder, which then would allow them to execute arbitrary code as root. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2020-13493 2 Apple, Pixar 2 Mac Os, Openusd 2021-07-21 6.8 MEDIUM 7.8 HIGH
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file.
CVE-2020-26540 2 Apple, Foxitsoftware 3 Mac Os, Foxit Reader, Phantompdf 2021-07-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. Because the Hardened Runtime protection mechanism is not applied to code signing, code injection (or an information leak) can occur.
CVE-2020-3784 3 Adobe, Apple, Microsoft 4 Photoshop 2020, Photoshop Cc, Mac Os and 1 more 2021-07-21 7.5 HIGH 9.8 CRITICAL
Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-5819 4 Apple, Fedoraproject, Google and 1 more 5 Mac Os, Fedora, Chrome and 2 more 2021-07-21 4.4 MEDIUM 7.3 HIGH
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.
CVE-2019-7042 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 9.3 HIGH 8.8 HIGH
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7051 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7066 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7960 3 Adobe, Apple, Microsoft 3 Animate Cc, Mac Os, Windows 2021-07-21 4.4 MEDIUM 7.8 HIGH
Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
CVE-2019-8195 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2020-11582 4 Apple, Linux, Oracle and 1 more 4 Mac Os, Linux Kernel, Solaris and 1 more 2021-07-21 3.3 LOW 8.8 HIGH
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, launches a TCP server that accepts local connections on a random port. This can be reached by local HTTP clients, because up to 25 invalid lines are ignored, and because DNS rebinding can occur. (This server accepts, for example, a setcookie command that might be relevant to CVE-2020-11581 exploitation.)
CVE-2019-16455 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-16460 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-20856 2 Apple, Mattermost 2 Mac Os, Mattermost Desktop 2021-07-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.
CVE-2020-3763 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system write.