Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Macos
Total 3236 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-1809 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2023-12-10 5.0 MEDIUM 7.5 HIGH
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to read restricted memory.
CVE-2021-45884 4 Apple, Brave, Linux and 1 more 4 Macos, Brave, Linux Kernel and 1 more 2023-12-10 4.3 MEDIUM 7.5 HIGH
In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based adblocking and a proxying extension with a SOCKS fallback are enabled, additional DNS requests are issued outside of the proxying extension using the system's DNS settings, resulting in information disclosure. NOTE: this issue exists because of an incomplete fix for CVE-2021-21323 and CVE-2021-22916.
CVE-2021-39852 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-30841 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2023-12-10 6.8 MEDIUM 7.8 HIGH
This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.
CVE-2021-1861 1 Apple 1 Macos 2023-12-10 4.3 MEDIUM 4.3 MEDIUM
An issue existed in determining cache occupancy. The issue was addressed through improved logic. This issue is fixed in macOS Big Sur 11.3. A malicious website may be able to track users by setting state in a cache.
CVE-2021-30834 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2023-12-10 6.8 MEDIUM 7.8 HIGH
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, Security Update 2021-007 Catalina. Processing a malicious audio file may result in unexpected application termination or arbitrary code execution.
CVE-2021-21089 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more 2023-12-10 4.3 MEDIUM 3.3 LOW
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally escalate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-1851 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2023-12-10 9.3 HIGH 8.8 HIGH
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to execute arbitrary code with kernel privileges.
CVE-2022-0319 4 Apple, Canonical, Debian and 1 more 4 Macos, Ubuntu Linux, Debian Linux and 1 more 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
Out-of-bounds Read in vim/vim prior to 8.2.
CVE-2021-42731 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2023-12-10 9.3 HIGH 7.8 HIGH
Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-1740 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2023-12-10 2.1 LOW 5.5 MEDIUM
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify protected parts of the file system.
CVE-2021-45063 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-45067 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-1882 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2023-12-10 7.5 HIGH 9.8 CRITICAL
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to gain elevated privileges.
CVE-2021-1843 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2023-12-10 6.8 MEDIUM 7.8 HIGH
This issue was addressed with improved checks. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2021-30672 1 Apple 2 Mac Os X, Macos 2023-12-10 9.3 HIGH 7.8 HIGH
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges.
CVE-2021-30817 1 Apple 1 Macos 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to access data about the accounts the user is using Family Sharing with.
CVE-2021-4136 3 Apple, Fedoraproject, Vim 4 Mac Os X, Macos, Fedora and 1 more 2023-12-10 6.8 MEDIUM 7.8 HIGH
vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-30848 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2023-12-10 6.8 MEDIUM 7.8 HIGH
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.
CVE-2021-39851 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.