Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
4582 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-54528 | 1 Apple | 1 Macos | 2024-12-16 | 7.1 High |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to overwrite arbitrary files. | ||||
| CVE-2024-54527 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-12-16 | 5.5 Medium |
| This issue was addressed with improved checks. This issue is fixed in watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access sensitive user data. | ||||
| CVE-2024-54508 | 2 Apple, Redhat | 13 Ipados, Iphone Os, Macos and 10 more | 2024-12-16 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2024-54494 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-16 | 5.9 Medium |
| A race condition was addressed with additional validation. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An attacker may be able to create a read-only memory mapping that can be written to. | ||||
| CVE-2024-44248 | 1 Apple | 1 Macos | 2024-12-16 | 6.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.2, macOS Sonoma 14.7.2. A user with screen sharing access may be able to view another user's screen. | ||||
| CVE-2024-54489 | 1 Apple | 1 Macos | 2024-12-13 | 5.3 Medium |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Running a mount command may unexpectedly execute arbitrary code. | ||||
| CVE-2024-54484 | 1 Apple | 1 Macos | 2024-12-13 | 5.5 Medium |
| The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data. | ||||
| CVE-2024-54477 | 1 Apple | 1 Macos | 2024-12-13 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access user-sensitive data. | ||||
| CVE-2024-44201 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-12-13 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, macOS Ventura 13.7.2, iOS 18.1 and iPadOS 18.1, macOS Sonoma 14.7.2. Processing a malicious crafted file may lead to a denial-of-service. | ||||
| CVE-2024-54513 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-13 | 5.7 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to access sensitive user data. | ||||
| CVE-2024-20754 | 2 Adobe, Apple | 2 Lightroom, Macos | 2024-12-12 | 7.8 High |
| Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-30314 | 3 Adobe, Apple, Microsoft | 3 Dreamweaver, Macos, Windows | 2024-12-12 | 7.8 High |
| Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does require user interaction. | ||||
| CVE-2024-41836 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-12 | 5.5 Medium |
| InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-27869 | 1 Apple | 4 Ios And Ipados, Ipados, Iphone Os and 1 more | 2024-12-12 | 7.5 High |
| The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to record the screen without an indicator. | ||||
| CVE-2024-44237 | 1 Apple | 2 Mac Os, Macos | 2024-12-12 | 6.5 Medium |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination. | ||||
| CVE-2024-44216 | 1 Apple | 1 Macos | 2024-12-12 | 6.2 Medium |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access user-sensitive data. | ||||
| CVE-2024-44145 | 1 Apple | 5 Ipad Os, Ipados, Iphone Os and 2 more | 2024-12-12 | 5.7 Medium |
| This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen. | ||||
| CVE-2024-44257 | 1 Apple | 1 Macos | 2024-12-12 | 6.2 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access sensitive user data. | ||||
| CVE-2024-44256 | 1 Apple | 2 Mac Os, Macos | 2024-12-12 | 9.3 Critical |
| The issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to break out of its sandbox. | ||||
| CVE-2024-44240 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-12 | 6.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory. | ||||