Filtered by vendor Apple Subscriptions
Filtered by product Macos Subscriptions
Total 3615 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-21578 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2024-11-21 5.5 Medium
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-21577 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2024-11-21 5.5 Medium
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-21576 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2024-11-21 7.8 High
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-21575 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2024-11-21 7.8 High
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-21574 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2024-11-21 7.8 High
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-1764 2 Apple, Canon 3 Mac Os X, Macos, Ij Network Tool 2024-11-21 6.5 Medium
Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the communication of the software.
CVE-2023-1763 2 Apple, Canon 3 Mac Os X, Macos, Ij Network Tool 2024-11-21 6.5 Medium
Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the software.
CVE-2023-1409 3 Apple, Microsoft, Mongodb 3 Macos, Windows, Mongodb 2024-11-21 5.3 Medium
If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely in other platforms (e.g. Linux), it is possible that client certificate validation may not be in effect, potentially allowing client to establish a TLS connection with the server that supplies any certificate. This issue affect all MongoDB Server v6.3 versions, MongoDB Server v5.0 versions v5.0.0 to v5.0.14 and all MongoDB Server v4.4 versions.
CVE-2023-1174 2 Apple, Kubernetes 2 Macos, Minikube 2024-11-21 9.8 Critical
This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container.
CVE-2023-0976 2 Apple, Trellix 2 Macos, Agent 2024-11-21 6.3 Medium
A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature located in the System Tree.
CVE-2023-0837 3 Apple, Microsoft, Teamviewer 3 Macos, Windows, Remote 2024-11-21 6.6 Medium
An improper authorization check of local device settings in TeamViewer Remote between version 15.41 and 15.42.7 for Windows and macOS allows an unprivileged user to change basic local device settings even though the options were locked. This can result in unwanted changes to the configuration.
CVE-2023-0834 2 Apple, Hypr 2 Macos, Workforce Access 2024-11-21 7 High
Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on MacOS allows Privilege Escalation.This issue affects Workforce Access: from 6.12 before 8.1.
CVE-2023-0575 4 Apple, Linux, Microsoft and 1 more 5 Iphone Os, Macos, Linux Kernel and 2 more 2024-11-21 7.2 High
External Control of Critical State Data, Improper Control of Generation of Code ('Code Injection') vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS (DevopsBase.Java:execCommand, TableManager.Java:runCommand modules) allows API Manipulation, Privilege Abuse. This vulnerability is associated with program files backup.Py. This issue affects Yugabyte DB: Lesser then 2.2.0.0
CVE-2022-4126 4 Abb, Apple, Linux and 1 more 4 Rccmd, Macos, Linux Kernel and 1 more 2024-11-21 9.6 Critical
Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and Passwords.This issue affects RCCMD: before 4.40 230207.
CVE-2022-48683 1 Apple 1 Macos 2024-11-21 8.6 High
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13. An app may be able to break out of its sandbox.
CVE-2022-48618 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2024-11-21 7.0 High
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1.
CVE-2022-48578 1 Apple 1 Macos 2024-11-21 7.1 High
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5. Processing an AppleScript may result in unexpected termination or disclosure of process memory.
CVE-2022-48577 1 Apple 1 Macos 2024-11-21 5.5 Medium
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data.
CVE-2022-48505 1 Apple 1 Macos 2024-11-21 5.5 Medium
This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system
CVE-2022-48504 1 Apple 1 Macos 2024-11-21 5.5 Medium
The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data.