Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Total 11570 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-44328 3 Adobe, Apple, Microsoft 3 Bridge, Macos, Windows 2024-11-21 N/A 5.5 MEDIUM
Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-44327 3 Adobe, Apple, Microsoft 3 Bridge, Macos, Windows 2024-11-21 N/A 5.5 MEDIUM
Adobe Bridge versions 13.0.4 (and earlier) and 14.0.0 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-44326 3 Adobe, Apple, Microsoft 3 Dimension, Macos, Windows 2024-11-21 N/A 5.5 MEDIUM
Adobe Dimension versions 3.4.9 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-44325 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-11-21 N/A 5.5 MEDIUM
Adobe Animate versions 23.0.2 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-44216 7 Amd, Apple, Canonical and 4 more 16 Ryzen 5 7600x, Ryzen 7 4800u, M1 Mac Mini and 13 more 2024-11-21 N/A 5.3 MEDIUM
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin.
CVE-2023-44214 4 Acronis, Apple, Linux and 1 more 4 Agent, Macos, Linux Kernel and 1 more 2024-11-21 N/A 5.5 MEDIUM
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739.
CVE-2023-44212 4 Acronis, Apple, Linux and 1 more 4 Agent, Macos, Linux Kernel and 1 more 2024-11-21 N/A 7.1 HIGH
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 31477.
CVE-2023-44211 4 Acronis, Apple, Linux and 1 more 4 Agent, Macos, Linux Kernel and 1 more 2024-11-21 N/A 7.1 HIGH
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 31637, Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
CVE-2023-44210 4 Acronis, Apple, Linux and 1 more 4 Agent, Macos, Linux Kernel and 1 more 2024-11-21 N/A 5.5 MEDIUM
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 29258.
CVE-2023-44209 4 Acronis, Apple, Linux and 1 more 4 Agent, Macos, Linux Kernel and 1 more 2024-11-21 N/A 7.8 HIGH
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 29051.
CVE-2023-44153 4 Acronis, Apple, Linux and 1 more 4 Cyber Protect, Macos, Linux Kernel and 1 more 2024-11-21 N/A 7.5 HIGH
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
CVE-2023-44152 4 Acronis, Apple, Linux and 1 more 4 Cyber Protect, Macos, Linux Kernel and 1 more 2024-11-21 N/A 9.1 CRITICAL
Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
CVE-2023-44077 2 Apple, Studionetworksolutions 2 Macos, Sharebrowser 2024-11-21 N/A 9.8 CRITICAL
Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636.
CVE-2023-43799 4 Altairgraphql, Apple, Linux and 1 more 4 Altair, Macos, Linux Kernel and 1 more 2024-11-21 N/A 5.0 MEDIUM
Altair is a GraphQL Client. Prior to version 5.2.5, the Altair GraphQL Client Desktop Application does not sanitize external URLs before passing them to the underlying system. Moreover, Altair GraphQL Client also does not isolate the context of the renderer process. This affects versions of the software running on MacOS, Windows, and Linux. Version 5.2.5 fixes this issue.
CVE-2023-43767 4 Apple, F-secure, Linux and 1 more 10 Macos, Atlant, Client Security and 7 more 2024-11-21 N/A 7.5 HIGH
Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-43766 4 Apple, F-secure, Linux and 1 more 10 Macos, Atlant, Client Security and 7 more 2024-11-21 N/A 7.8 HIGH
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-43765 4 Apple, F-secure, Linux and 1 more 10 Macos, Atlant, Client Security and 7 more 2024-11-21 N/A 7.5 HIGH
Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-43761 4 Apple, F-secure, Linux and 1 more 10 Macos, Atlant, Client Security and 7 more 2024-11-21 N/A 7.5 HIGH
Certain WithSecure products allow Denial of Service (infinite loop). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-43760 4 Apple, F-secure, Linux and 1 more 10 Macos, Atlant, Client Security and 7 more 2024-11-21 N/A 7.5 HIGH
Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-43611 2 Apple, F5 20 Macos, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 17 more 2024-11-21 N/A 7.8 HIGH
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process.  This vulnerability is due to an incomplete fix for CVE-2023-38418.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated