Filtered by vendor Apple Subscriptions
Filtered by product Macos Subscriptions
Total 3890 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-54477 1 Apple 1 Macos 2024-12-13 5.5 Medium
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access user-sensitive data.
CVE-2024-44201 1 Apple 3 Ipados, Iphone Os, Macos 2024-12-13 5.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, macOS Ventura 13.7.2, iOS 18.1 and iPadOS 18.1, macOS Sonoma 14.7.2. Processing a malicious crafted file may lead to a denial-of-service.
CVE-2024-54513 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2024-12-13 5.7 Medium
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to access sensitive user data.
CVE-2024-20754 2 Adobe, Apple 2 Lightroom, Macos 2024-12-13 7.8 High
Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-30314 3 Adobe, Apple, Microsoft 3 Dreamweaver, Macos, Windows 2024-12-13 7.8 High
Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does require user interaction.
CVE-2024-41836 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-12-13 5.5 Medium
InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-27869 1 Apple 4 Ios And Ipados, Ipados, Iphone Os and 1 more 2024-12-12 7.5 High
The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to record the screen without an indicator.
CVE-2024-44237 1 Apple 2 Mac Os, Macos 2024-12-12 6.5 Medium
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination.
CVE-2024-44216 1 Apple 1 Macos 2024-12-12 6.2 Medium
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access user-sensitive data.
CVE-2024-44145 1 Apple 5 Ipad Os, Ipados, Iphone Os and 2 more 2024-12-12 5.7 Medium
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen.
CVE-2024-44257 1 Apple 1 Macos 2024-12-12 6.2 Medium
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access sensitive user data.
CVE-2024-44256 1 Apple 2 Mac Os, Macos 2024-12-12 9.3 Critical
The issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to break out of its sandbox.
CVE-2024-44240 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2024-12-12 6.5 Medium
The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory.
CVE-2024-44295 1 Apple 2 Mac Os, Macos 2024-12-12 7.7 High
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.
CVE-2024-44283 1 Apple 1 Macos 2024-12-12 6.5 Medium
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination.
CVE-2024-44260 1 Apple 2 Mac Os, Macos 2024-12-12 6.7 Medium
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app with root privileges may be able to modify the contents of system files.
CVE-2024-41871 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2024-12-12 5.5 Medium
Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-44301 1 Apple 1 Macos 2024-12-12 5.5 Medium
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system.
CVE-2024-27876 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2024-12-12 8.1 High
A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.
CVE-2024-40825 1 Apple 2 Macos, Visionos 2024-12-12 6 Medium
The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15. A malicious app with root privileges may be able to modify the contents of system files.