98 matches found
PT-2023-21632 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.3 Description: A buffer overflow issue was addressed with improved memory handling. This issue may allow an app to cause unexpected system termination or write kernel memory. Recommendations: For macOS versions prio...
SUSE CVE-2018-4089
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. tvOS before 11.2.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2022-32786
An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system...
PT-2022-26605 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13 Description: This issue allows a user in a privileged network position to potentially track user activity. The issue was addressed with improved data protection. Recommendations: For versions prior to 13, update to...
PT-2022-21544 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.7 macOS versions prior to 12.6 Description: A configuration issue was addressed with additional restrictions, which may have allowed an app to access user-sensitive data. Recommendations: For macOS versions prior to...
CVE-2022-26756
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges...
Experts Warn of Rise in ChromeLoader Malware Hijacking Users' Browsers
A malvertising threat is witnessing a new surge in activity since its emergence earlier this year. Dubbed ChromeLoader, the malware is a "pervasive and persistent browser hijacker that modifies its victims' browser settings and redirects user traffic to advertisement websites," Aedan Russell of R...
Telegram Heap Buffer Overflow Vulnerability
Telegram is an instant messaging mobile application. A heap buffer overflow vulnerability exists in the custom derived VGradientCache :: generateGradientColorTable function of the Rlottie library for Telegram Android version prior to 7.1.0 2090, iOS version prior to 7.1, and macOS version prior t...
Apple macOS 权限许可和访问控制问题漏洞
Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. A privilege-granting and access-control issue vulnerability exists in macOS, which arises from the system not properly securing the login window component in macOS. The following products and versions are...
macOS 10.15.x < 10.15.6 / 10.14.x < 10.14.6 Security Update 2020-004 / 10.13.x < 10.13.6 Security Update 2020-004
The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.6 Security Update 2020-004, 10.14.x prior to 10.14.6 Security Update 2020-004, or 10.15.x prior to 10.15.6. It is, therefore, affected by multiple vulnerabilities, including the following: - A vulnerability wa...
macOS 10.14.x < 10.14.2 Multiple Vulnerabilities
The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.2. It is, therefore, affected by multiple vulnerabilities related to the following components : - Airport - AMD - Carbon Core - Disk Images - Intel Graphics Driver - Kernel - WindowServer Note that successful...
CVE-2018-4193
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...
CVE-2017-7031
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Foundation" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted file...
CVE-2017-6991
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted we...
CVE-2017-2449
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service use-after-free via a crafted app...
CVE-2016-4678
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "AppleSMC" component. It allows local users to gain privileges or cause a denial of service NULL pointer dereference via unspecified vectors...
CVE-2016-4663
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to cause a denial of service memory corruption via a crafted app...
PT-2016-1153 · Adobe +3 · Flash Player +6
Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions prior to 18.0.0.329 Adobe Flash Player versions 19.x Adobe Flash Player versions 20.x prior to 20.0.0.306 on Windows and OS X Adobe Flash Player versions prior to 11.2.202.569 on Linux Adobe AIR versions prior to...