Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
3473 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-12576 | 2 Apple, Londontrustmedia | 2 Macos, Private Internet Access Vpn Client | 2024-08-04 | N/A |
| A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The openvpn_launcher binary is setuid root. This program is called during the connection process and executes several operating system utilities to configure the system. The networksetup utility is called using relative paths. A local unprivileged user can execute arbitrary commands as root by creating a networksetup trojan which will be executed during the connection process. This is possible because the PATH environment variable is not reset prior to executing the OS utility. | ||||
| CVE-2019-9815 | 2 Apple, Mozilla | 4 Macos, Firefox, Firefox Esr and 1 more | 2024-08-04 | N/A |
| If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. | ||||
| CVE-2019-8342 | 2 Apple, Foxitsoftware | 2 Macos, Foxit Reader | 2024-08-04 | N/A |
| A Local Privilege Escalation in libqcocoa.dylib in Foxit Reader 3.1.0.0111 on macOS has been discovered due to an incorrect permission set. | ||||
| CVE-2019-8236 | 3 Adobe, Apple, Microsoft | 3 Creative Cloud, Macos, Windows | 2024-08-04 | 9.8 Critical |
| Creative Cloud Desktop Application version 4.6.1 and earlier versions have Security Bypass vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user. | ||||
| CVE-2019-8241 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-08-04 | 4.3 Medium |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2019-8252 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-08-04 | 5.5 Medium |
| Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2019-8257 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-08-04 | 9.8 Critical |
| Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-8253 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2024-08-04 | 7.8 High |
| Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2019-8247 | 3 Adobe, Apple, Microsoft | 3 Illustrator Cc, Macos, Windows | 2024-08-04 | 9.8 Critical |
| Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-8254 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2024-08-04 | 7.8 High |
| Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2019-8237 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-08-04 | 9.8 Critical |
| Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an insufficiently robust encryption vulnerability. Successful exploitation could lead to security feature bypass. | ||||
| CVE-2019-8240 | 3 Adobe, Apple, Microsoft | 3 Bridge Cc, Macos, Windows | 2024-08-04 | 7.5 High |
| Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2019-8250 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-08-04 | 7.8 High |
| Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-8246 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-08-04 | 9.8 Critical |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-8243 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-08-04 | 4.3 Medium |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2019-8244 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-08-04 | 4.3 Medium |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2019-8248 | 3 Adobe, Apple, Microsoft | 3 Illustrator Cc, Macos, Windows | 2024-08-04 | 9.8 Critical |
| Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-8251 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-08-04 | 5.5 Medium |
| Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2019-8242 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-08-04 | 4.3 Medium |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2019-8239 | 3 Adobe, Apple, Microsoft | 3 Bridge Cc, Macos, Windows | 2024-08-04 | 7.5 High |
| Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to information disclosure. | ||||