Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
3890 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-54477 | 1 Apple | 1 Macos | 2024-12-13 | 5.5 Medium |
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access user-sensitive data. | ||||
CVE-2024-44201 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-12-13 | 5.5 Medium |
The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, macOS Ventura 13.7.2, iOS 18.1 and iPadOS 18.1, macOS Sonoma 14.7.2. Processing a malicious crafted file may lead to a denial-of-service. | ||||
CVE-2024-54513 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-13 | 5.7 Medium |
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to access sensitive user data. | ||||
CVE-2024-20754 | 2 Adobe, Apple | 2 Lightroom, Macos | 2024-12-13 | 7.8 High |
Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2024-30314 | 3 Adobe, Apple, Microsoft | 3 Dreamweaver, Macos, Windows | 2024-12-13 | 7.8 High |
Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does require user interaction. | ||||
CVE-2024-41836 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-13 | 5.5 Medium |
InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2024-27869 | 1 Apple | 4 Ios And Ipados, Ipados, Iphone Os and 1 more | 2024-12-12 | 7.5 High |
The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to record the screen without an indicator. | ||||
CVE-2024-44237 | 1 Apple | 2 Mac Os, Macos | 2024-12-12 | 6.5 Medium |
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination. | ||||
CVE-2024-44216 | 1 Apple | 1 Macos | 2024-12-12 | 6.2 Medium |
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access user-sensitive data. | ||||
CVE-2024-44145 | 1 Apple | 5 Ipad Os, Ipados, Iphone Os and 2 more | 2024-12-12 | 5.7 Medium |
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen. | ||||
CVE-2024-44257 | 1 Apple | 1 Macos | 2024-12-12 | 6.2 Medium |
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access sensitive user data. | ||||
CVE-2024-44256 | 1 Apple | 2 Mac Os, Macos | 2024-12-12 | 9.3 Critical |
The issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to break out of its sandbox. | ||||
CVE-2024-44240 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-12 | 6.5 Medium |
The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory. | ||||
CVE-2024-44295 | 1 Apple | 2 Mac Os, Macos | 2024-12-12 | 7.7 High |
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system. | ||||
CVE-2024-44283 | 1 Apple | 1 Macos | 2024-12-12 | 6.5 Medium |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination. | ||||
CVE-2024-44260 | 1 Apple | 2 Mac Os, Macos | 2024-12-12 | 6.7 Medium |
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app with root privileges may be able to modify the contents of system files. | ||||
CVE-2024-41871 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-12-12 | 5.5 Medium |
Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2024-44301 | 1 Apple | 1 Macos | 2024-12-12 | 5.5 Medium |
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system. | ||||
CVE-2024-27876 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-12-12 | 8.1 High |
A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files. | ||||
CVE-2024-40825 | 1 Apple | 2 Macos, Visionos | 2024-12-12 | 6 Medium |
The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15. A malicious app with root privileges may be able to modify the contents of system files. |