Filtered by vendor Apple
Subscriptions
Total
11610 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-44189 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-08-04 | 3.3 Low |
| Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-44224 | 7 Apache, Apple, Debian and 4 more | 15 Http Server, Mac Os X, Macos and 12 more | 2024-08-04 | 8.2 High |
| A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). | ||||
| CVE-2021-44191 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-08-04 | 3.3 Low |
| Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-44190 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-08-04 | 3.3 Low |
| Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-44193 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-08-04 | 3.3 Low |
| Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-44228 | 13 Apache, Apple, Bentley and 10 more | 167 Log4j, Xcode, Synchro and 164 more | 2024-08-04 | 10.0 Critical |
| Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. | ||||
| CVE-2021-44194 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-08-04 | 3.3 Low |
| Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-44195 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-08-04 | 3.3 Low |
| Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-44192 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-08-04 | 3.3 Low |
| Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-44188 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-08-04 | 7.8 High |
| Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-43849 | 3 Apple, Cordova Plugin Fingerprint All-in-one Project, Google | 3 Iphone Os, Cordova Plugin Fingerprint All-in-one, Android | 2024-08-04 | 6.2 Medium |
| cordova-plugin-fingerprint-aio is a plugin provides a single and simple interface for accessing fingerprint APIs on both Android 6+ and iOS. In versions prior to 5.0.1 The exported activity `de.niklasmerz.cordova.biometric.BiometricActivity` can cause the app to crash. This vulnerability occurred because the activity didn't handle the case where it is requested with invalid or empty data which results in a crash. Any third party app can constantly call this activity with no permission. A 3rd party app/attacker using event listener can continually stop the app from working and make the victim unable to open it. Version 5.0.1 of the cordova-plugin-fingerprint-aio doesn't export the activity anymore and is no longer vulnerable. If you want to fix older versions change the attribute android:exported in plugin.xml to false. Please upgrade to version 5.0.1 as soon as possible. | ||||
| CVE-2021-43759 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-08-04 | 3.3 Low |
| Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MP4 file. | ||||
| CVE-2021-43758 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-08-04 | 3.3 Low |
| Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MP4 file. | ||||
| CVE-2021-43757 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-08-04 | 7.8 High |
| Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious 3GP ​file | ||||
| CVE-2021-43751 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-08-04 | 3.3 Low |
| Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-43760 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-08-04 | 3.3 Low |
| Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MOV file. | ||||
| CVE-2021-43187 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2024-08-04 | 5.3 Medium |
| In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information. | ||||
| CVE-2021-43188 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2024-08-04 | 7.3 High |
| In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete. | ||||
| CVE-2021-43191 | 3 Apple, Google, Jetbrains | 3 Iphone Os, Android, Youtrack Mobile | 2024-08-04 | 5.3 Medium |
| JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and iOS. | ||||
| CVE-2021-43192 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2024-08-04 | 5.3 Medium |
| In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible. | ||||