Total
4503 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-37448 | 1 Apple | 1 Macos | 2023-10-12 | N/A | 3.3 LOW |
| A lock screen issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. A user may be able to view restricted content from the lock screen. | |||||
| CVE-2023-39233 | 1 Apple | 1 Macos | 2023-10-12 | N/A | 6.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may disclose sensitive information. | |||||
| CVE-2023-40386 | 1 Apple | 1 Macos | 2023-10-12 | N/A | 3.3 LOW |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to access Notes attachments. | |||||
| CVE-2023-40388 | 1 Apple | 1 Macos | 2023-10-12 | N/A | 4.3 MEDIUM |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. Safari may save photos to an unprotected location. | |||||
| CVE-2023-40402 | 1 Apple | 1 Macos | 2023-10-12 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data. | |||||
| CVE-2023-40407 | 1 Apple | 1 Macos | 2023-10-12 | N/A | 7.5 HIGH |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. A remote attacker may be able to cause a denial-of-service. | |||||
| CVE-2023-43799 | 4 Altairgraphql, Apple, Linux and 1 more | 4 Altair, Macos, Linux Kernel and 1 more | 2023-10-10 | N/A | 7.8 HIGH |
| Altair is a GraphQL Client. Prior to version 5.2.5, the Altair GraphQL Client Desktop Application does not sanitize external URLs before passing them to the underlying system. Moreover, Altair GraphQL Client also does not isolate the context of the renderer process. This affects versions of the software running on MacOS, Windows, and Linux. Version 5.2.5 fixes this issue. | |||||
| CVE-2023-44212 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2023-10-10 | N/A | 7.1 HIGH |
| Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 31477. | |||||
| CVE-2023-44214 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2023-10-10 | N/A | 5.5 MEDIUM |
| Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | |||||
| CVE-2023-45240 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2023-10-10 | N/A | 5.5 MEDIUM |
| Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | |||||
| CVE-2023-45243 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2023-10-10 | N/A | 5.5 MEDIUM |
| Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | |||||
| CVE-2023-45242 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2023-10-10 | N/A | 5.5 MEDIUM |
| Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739. | |||||
| CVE-2023-45245 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2023-10-10 | N/A | 5.5 MEDIUM |
| Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36119. | |||||
| CVE-2023-2110 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2023-08-24 | N/A | 7.1 HIGH |
| Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via "app://local/<absolute-path>". This vulnerability can be exploited if a user opens a malicious markdown file in Obsidian, or copies text from a malicious webpage and paste it into Obsidian. | |||||
| CVE-2023-2318 | 4 Apple, Linux, Marktext and 1 more | 4 Macos, Linux Kernel, Marktext and 1 more | 2023-08-24 | N/A | 9.6 CRITICAL |
| DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and paste it into MarkText. | |||||
| CVE-2022-42828 | 1 Apple | 1 Macos | 2023-08-22 | N/A | 8.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-46706 | 1 Apple | 2 Mac Os X, Macos | 2023-08-19 | N/A | 7.8 HIGH |
| A type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-28179 | 1 Apple | 1 Macos | 2023-08-19 | N/A | 7.1 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted AppleScript binary may result in unexpected app termination or disclosure of process memory. | |||||
| CVE-2023-27948 | 1 Apple | 1 Macos | 2023-08-19 | N/A | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | |||||
| CVE-2023-27947 | 1 Apple | 1 Macos | 2023-08-19 | N/A | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | |||||