Filtered by vendor Apple Subscriptions
Filtered by product Macos Subscriptions
Total 3890 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-54476 1 Apple 1 Macos 2024-12-19 5.5 Medium
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access user-sensitive data.
CVE-2024-54471 1 Apple 1 Macos 2024-12-19 5.5 Medium
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious application may be able to leak a user's credentials.
CVE-2024-49543 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-12-19 7.8 High
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-49544 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-12-19 7.8 High
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-49545 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-12-19 7.8 High
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-49546 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-12-19 5.5 Medium
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-49547 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-12-19 5.5 Medium
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-49548 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-12-19 5.5 Medium
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-49549 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-12-19 5.5 Medium
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-53954 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-12-19 7.8 High
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-53953 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-12-18 7.8 High
Animate versions 23.0.8, 24.0.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-45156 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-12-18 7.8 High
Animate versions 23.0.8, 24.0.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-45155 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-12-18 7.8 High
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-54495 1 Apple 1 Macos 2024-12-18 5.5 Medium
The issue was addressed with improved permissions logic. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. An app may be able to modify protected parts of the file system.
CVE-2024-44220 1 Apple 1 Macos 2024-12-18 6.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination.
CVE-2024-52985 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-12-18 7.8 High
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-52984 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-12-18 7.8 High
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-52983 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-12-18 7.8 High
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-52982 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-12-18 7.8 High
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-52989 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-12-18 7.8 High
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.