Filtered by vendor Apple
Subscribe
Total
12581 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-22246 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2023-03-01 | N/A | 7.8 HIGH |
| Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2019-14899 | 4 Apple, Freebsd, Linux and 1 more | 8 Ipados, Iphone Os, Mac Os X and 5 more | 2023-03-01 | 4.9 MEDIUM | 7.4 HIGH |
| A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel. | |||||
| CVE-2023-21593 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-02-28 | N/A | 5.5 MEDIUM |
| Adobe InDesign versions ID18.1 (and earlier) and ID17.4 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2019-11042 | 7 Apple, Canonical, Debian and 4 more | 7 Mac Os X, Ubuntu Linux, Debian Linux and 4 more | 2023-02-28 | 5.8 MEDIUM | 7.1 HIGH |
| When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. | |||||
| CVE-2019-11041 | 7 Apple, Canonical, Debian and 4 more | 7 Mac Os X, Ubuntu Linux, Debian Linux and 4 more | 2023-02-28 | 5.8 MEDIUM | 7.1 HIGH |
| When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. | |||||
| CVE-2023-22231 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-02-24 | N/A | 5.5 MEDIUM |
| Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-22233 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2023-02-24 | N/A | 5.5 MEDIUM |
| After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-22237 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2023-02-24 | N/A | 7.8 HIGH |
| After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-22239 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2023-02-24 | N/A | 7.8 HIGH |
| After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-22238 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2023-02-24 | N/A | 7.8 HIGH |
| After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21583 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-02-24 | N/A | 5.5 MEDIUM |
| Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-22226 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-02-24 | N/A | 7.8 HIGH |
| Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-22230 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-02-24 | N/A | 7.8 HIGH |
| Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-22228 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-02-24 | N/A | 7.8 HIGH |
| Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-22227 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-02-24 | N/A | 7.8 HIGH |
| Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-22229 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-02-24 | N/A | 7.8 HIGH |
| Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21577 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-02-24 | N/A | 5.5 MEDIUM |
| Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21575 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-02-24 | N/A | 7.8 HIGH |
| Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21578 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-02-24 | N/A | 5.5 MEDIUM |
| Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21576 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-02-24 | N/A | 7.8 HIGH |
| Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||