Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Macos
Total 3589 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-23196 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-23195 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-23194 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-23193 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-23192 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-23191 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-23190 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-23189 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-23188 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted malicious file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted malicious file in Illustrator.
CVE-2022-23187 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Illustrator version 26.0.3 (and earlier) is affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Illustrator.
CVE-2022-23186 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-22779 3 Apple, Keybase, Microsoft 3 Macos, Keybase, Windows 2024-11-21 4.3 MEDIUM 3.7 LOW
The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user’s filesystem.
CVE-2022-22750 3 Apple, Microsoft, Mozilla 3 Macos, Windows, Firefox 2024-11-21 N/A 6.5 MEDIUM
By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to.<br>*This bug only affects Firefox for Windows and MacOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96.
CVE-2022-22721 5 Apache, Apple, Debian and 2 more 8 Http Server, Mac Os X, Macos and 5 more 2024-11-21 5.8 MEDIUM 9.1 CRITICAL
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
CVE-2022-22720 5 Apache, Apple, Debian and 2 more 8 Http Server, Mac Os X, Macos and 5 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
CVE-2022-22719 5 Apache, Apple, Debian and 2 more 7 Http Server, Mac Os X, Macos and 4 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.
CVE-2022-22677 1 Apple 3 Ipados, Iphone Os, Macos 2024-11-21 N/A 4.3 MEDIUM
A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call.
CVE-2022-22676 1 Apple 1 Macos 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission.
CVE-2022-22675 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2024-11-21 9.3 HIGH 7.8 HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
CVE-2022-22674 1 Apple 2 Mac Os X, Macos 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory.