Total
3254 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45557 | 2 Apple, Left Project | 2 Macos, Left | 2023-01-25 | N/A | 6.1 MEDIUM |
| Cross site scripting (XSS) vulnerability in Hundredrabbits Left 7.1.5 for MacOS allows attackers to execute arbitrary code via file names. | |||||
| CVE-2023-21603 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-01-25 | N/A | 5.5 MEDIUM |
| Adobe Dimension version 3.4.6 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21601 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-01-25 | N/A | 5.5 MEDIUM |
| Adobe Dimension version 3.4.6 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-8140 | 2 Apple, Nextcloud | 2 Macos, Desktop | 2023-01-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| A code injection in Nextcloud Desktop Client 2.6.2 for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the environment. | |||||
| CVE-2022-27784 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2023-01-24 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in After Effects. | |||||
| CVE-2023-21598 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-01-23 | N/A | 5.5 MEDIUM |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21596 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-01-23 | N/A | 7.8 HIGH |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21595 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-01-23 | N/A | 7.8 HIGH |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21594 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-01-23 | N/A | 7.8 HIGH |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21599 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-01-23 | N/A | 5.5 MEDIUM |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21590 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-23 | N/A | 7.8 HIGH |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21591 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-23 | N/A | 5.5 MEDIUM |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21592 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-23 | N/A | 5.5 MEDIUM |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-26386 | 3 Apple, Linux, Mozilla | 4 Macos, Linux Kernel, Firefox Esr and 1 more | 2023-01-23 | N/A | 6.5 MEDIUM |
| Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. <br>*This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7. | |||||
| CVE-2023-21587 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-20 | N/A | 7.8 HIGH |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21588 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-20 | N/A | 7.8 HIGH |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21589 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-20 | N/A | 7.8 HIGH |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-32849 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2023-01-12 | N/A | 5.5 MEDIUM |
| An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information. | |||||
| CVE-2022-32814 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-12 | N/A | 7.8 HIGH |
| A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-42841 | 1 Apple | 1 Macos | 2023-01-09 | N/A | 7.8 HIGH |
| A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. Processing a maliciously crafted package may lead to arbitrary code execution. | |||||