Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Macos
Total 1853 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-4136 3 Apple, Fedoraproject, Vim 3 Macos, Fedora, Vim 2022-07-01 6.8 MEDIUM 7.8 HIGH
vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-1257 5 Apple, Cisco, Linux and 2 more 5 Macos, Dna Center, Linux Kernel and 2 more 2022-07-01 6.8 MEDIUM 8.8 HIGH
A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a web-based management user to follow a specially crafted link. A successful exploit could allow the attacker to perform arbitrary actions on the device with the privileges of the authenticated user. These actions include modifying the device configuration, disconnecting the user's session, and executing Command Runner commands.
CVE-2021-46817 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2022-06-30 6.8 MEDIUM 7.8 HIGH
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
CVE-2021-46816 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2022-06-30 6.8 MEDIUM 7.8 HIGH
Adobe Premiere Pro version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
CVE-2021-46818 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2022-06-30 6.8 MEDIUM 7.8 HIGH
Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.
CVE-2020-13496 2 Apple, Pixar 2 Macos, Openusd 2022-06-29 4.3 MEDIUM 6.5 MEDIUM
An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in TfToken Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.
CVE-2022-30655 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30657 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30656 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30664 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe Animate version 22.0.5 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30653 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30652 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30654 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30650 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30651 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30663 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30665 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30662 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30661 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30660 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2022-06-27 9.3 HIGH 7.8 HIGH
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.