Total
3247 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-38607 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14. An app may be able to modify Printer settings. | |||||
CVE-2022-48577 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data. | |||||
CVE-2022-48504 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data. | |||||
CVE-2022-47965 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-46710 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-17 | N/A | 5.5 MEDIUM |
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Location data may be shared via iCloud links even if Location metadata is disabled via the Share Sheet. | |||||
CVE-2022-47915 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-46721 | 1 Apple | 1 Macos | 2024-01-17 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2024-20715 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-17 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20714 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-17 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-42934 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-16 | N/A | 4.2 MEDIUM |
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app with root privileges may be able to access private information. | |||||
CVE-2023-42872 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-01-16 | N/A | 5.5 MEDIUM |
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to access sensitive user data. | |||||
CVE-2023-42871 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-16 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2023-42870 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-16 | N/A | 7.8 HIGH |
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2023-41060 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-16 | N/A | 8.8 HIGH |
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. A remote user may be able to cause kernel code execution. | |||||
CVE-2023-40438 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-01-16 | N/A | 5.5 MEDIUM |
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14, iOS 16.7 and iPadOS 16.7. An app may be able to access edited photos saved to a temporary directory. | |||||
CVE-2023-32439 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-01-12 | N/A | 8.8 HIGH |
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, Safari 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | |||||
CVE-2024-20713 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-12 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20712 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-12 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20711 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-12 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2024-20710 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-01-12 | N/A | 5.5 MEDIUM |
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |