Total
3247 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-34235 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2023-12-10 | N/A | 7.8 HIGH |
Adobe Premiere Elements version 2020v20 (and earlier) is affected by an Uncontrolled Search Path Element which could lead to Privilege Escalation. An attacker could leverage this vulnerability to obtain admin using an existing low-privileged user. Exploitation of this issue does not require user interaction. | |||||
CVE-2022-32827 | 1 Apple | 2 Iphone Os, Macos | 2023-12-10 | N/A | 5.5 MEDIUM |
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to cause a denial-of-service. | |||||
CVE-2022-32812 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-30672 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-12-10 | N/A | 5.5 MEDIUM |
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-28887 | 3 Apple, F-secure, Microsoft | 8 Macos, Atlant, Elements Endpoint Detection And Response and 5 more | 2023-12-10 | N/A | 7.5 HIGH |
Multiple Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl.dll unpacker handler function crashes. This can lead to a possible scanning engine crash. | |||||
CVE-2022-28880 | 3 Apple, F-secure, Microsoft | 10 Macos, Atlant, Cloud Protection For Salesforce and 7 more | 2023-12-10 | N/A | 7.5 HIGH |
A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The exploit can be triggered remotely by an attacker. | |||||
CVE-2022-38407 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-12-10 | N/A | 5.5 MEDIUM |
Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-35699 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-12-10 | N/A | 7.8 HIGH |
Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-38409 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2023-12-10 | N/A | 5.5 MEDIUM |
Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-38432 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-12-10 | N/A | 7.8 HIGH |
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-32810 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2023-12-10 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-32865 | 1 Apple | 2 Iphone Os, Macos | 2023-12-10 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-32787 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2023-12-10 | N/A | 8.8 HIGH |
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2022-32811 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | N/A | 7.8 HIGH |
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-32829 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-12-10 | N/A | 7.8 HIGH |
This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-32814 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-12-10 | N/A | 7.8 HIGH |
A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-32843 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | N/A | 7.1 HIGH |
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory. | |||||
CVE-2022-32940 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-12-10 | N/A | 7.8 HIGH |
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-34251 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-12-10 | N/A | 7.8 HIGH |
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-38405 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-12-10 | N/A | 7.8 HIGH |
Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |