Filtered by vendor Apple Subscriptions
Total 11913 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-40843 1 Apple 1 Macos 2024-09-24 5.5 Medium
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may be able to modify protected parts of the file system.
CVE-2024-40842 1 Apple 1 Macos 2024-09-24 5.5 Medium
An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.
CVE-2024-40770 1 Apple 1 Macos 2024-09-24 7.5 High
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A non-privileged user may be able to modify restricted network settings.
CVE-2024-40790 1 Apple 1 Visionos 2024-09-24 5.5 Medium
The issue was addressed with improved handling of caches. This issue is fixed in visionOS 2. An app may be able to read sensitive data from the GPU memory.
CVE-2024-27795 1 Apple 1 Macos 2024-09-23 7.5 High
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A camera extension may be able to access the internet.
CVE-2024-27858 1 Apple 1 Macos 2024-09-23 5.5 Medium
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.
CVE-2024-23237 1 Apple 1 Macos 2024-09-23 5.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause a denial-of-service.
CVE-2024-40826 1 Apple 3 Ipados, Iphone Os, Macos 2024-09-23 6.1 Medium
A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using print preview.
CVE-2024-40830 1 Apple 2 Ipados, Iphone Os 2024-09-23 3.3 Low
This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps.
CVE-2024-40831 1 Apple 1 Macos 2024-09-23 5.5 Medium
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access a user's Photos Library.
CVE-2024-27860 1 Apple 1 Macos 2024-09-23 5.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An application may be able to read restricted memory.
CVE-2024-40837 1 Apple 1 Macos 2024-09-23 5.5 Medium
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.
CVE-2024-8909 2 Apple, Google 2 Iphone Os, Chrome 2024-09-23 4.3 Medium
Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2024-6053 4 Apple, Linux, Microsoft and 1 more 5 Macos, Linux Kernel, Windows and 2 more 2024-09-19 4.3 Medium
Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.
CVE-2024-41869 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-09-19 7.8 High
Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-45112 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-09-19 7.8 High
Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Type Confusion vulnerability that could result in arbitrary code execution in the context of the current user. This issue occurs when a resource is accessed using a type that is not compatible with the actual object type, leading to a logic error that an attacker could exploit. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-39378 3 Adobe, Apple, Microsoft 3 Audition, Mac Os X, Windows 2024-09-18 7.8 High
Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-41868 3 Adobe, Apple, Microsoft 3 Audition, Mac Os X, Windows 2024-09-18 5.5 Medium
Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-34117 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2024-09-18 7.8 High
Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-45108 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2024-09-18 7.8 High
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.