Filtered by vendor Apple
Subscribe
Total
13303 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8533 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
A lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave 10.14.4. A Mac may not lock when disconnecting from an external monitor.
|
|||||
| CVE-2019-8532 | 1 Apple | 2 Iphone Os, Watchos | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in watchOS 5.2, iOS 12.2. A malicious application may be able to access restricted files.
|
|||||
| CVE-2019-8531 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An untrusted radius server certificate may be trusted.
|
|||||
| CVE-2019-8530 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-11-21 | 5.8 MEDIUM | 5.5 MEDIUM |
|
This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. A malicious application may be able to overwrite arbitrary files.
|
|||||
| CVE-2019-8529 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2019-8528 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2019-8527 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 9.4 HIGH | 9.1 CRITICAL |
|
A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
|
|||||
| CVE-2019-8525 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2019-8524 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2019-8523 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2019-8522 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password.
|
|||||
| CVE-2019-8521 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 5.8 MEDIUM | 5.5 MEDIUM |
|
This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to overwrite arbitrary files.
|
|||||
| CVE-2019-8520 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to read restricted memory.
|
|||||
| CVE-2019-8519 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. An application may be able to read restricted memory.
|
|||||
| CVE-2019-8518 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2019-8517 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory.
|
|||||
| CVE-2019-8516 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service.
|
|||||
| CVE-2019-8515 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information.
|
|||||
| CVE-2019-8514 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges.
|
|||||
| CVE-2019-8513 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands.
|
|||||
| CVE-2019-8512 | 1 Apple | 1 Iphone Os | 2024-11-21 | 7.9 HIGH | 5.7 MEDIUM |
|
This issue was addressed with improved transparency. This issue is fixed in iOS 12.2. A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure.
|
|||||
| CVE-2019-8511 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges.
|
|||||
| CVE-2019-8510 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.
|
|||||
| CVE-2019-8509 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A malicious application may be able to elevate privileges.
|
|||||
| CVE-2019-8508 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges.
|
|||||
| CVE-2019-8507 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.4. Processing malicious data may lead to unexpected application termination.
|
|||||
| CVE-2019-8505 | 1 Apple | 2 Iphone Os, Safari | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting.
|
|||||
| CVE-2019-8504 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory.
|
|||||
| CVE-2019-8503 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website.
|
|||||
| CVE-2019-8502 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
|
An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization.
|
|||||
| CVE-2019-8342 | 2 Apple, Foxitsoftware | 2 Macos, Foxit Reader | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
A Local Privilege Escalation in libqcocoa.dylib in Foxit Reader 3.1.0.0111 on macOS has been discovered due to an incorrect permission set.
|
|||||
| CVE-2019-8257 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
|
|||||
| CVE-2019-8255 | 4 Adobe, Apple, Linux and 1 more | 4 Brackets, Mac Os X, Linux Kernel and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Brackets versions 1.14 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
|
|||||
| CVE-2019-8254 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
|
|||||
| CVE-2019-8253 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
|
|||||
| CVE-2019-8252 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to information disclosure.
|
|||||
| CVE-2019-8251 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to information disclosure.
|
|||||
| CVE-2019-8250 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
|
|||||
| CVE-2019-8249 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
|
|||||
| CVE-2019-8248 | 3 Adobe, Apple, Microsoft | 3 Illustrator Cc, Macos, Windows | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
|
|||||