155 matches found
PT-2025-31335 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 Description: An injection issue was addressed with improved validation. An app may be able to access sensitive user data. Recommendations: Update to macOS version 15.6...
PT-2025-31329 · Apple · Macos Ventura 13.7.7 +3
Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.6 macOS versions prior to Sonoma 14.7.7 macOS versions prior to Ventura 13.7.7 Description: An out-of-bounds read issue was addressed through enhanced input validation. Processing a maliciously crafted file...
macOS 14.x < 14.7.7 Multiple Vulnerabilities (124150)
The remote host is running a version of macOS / Mac OS X that is 14.x prior to 14.7.7. It is, therefore, affected by multiple vulnerabilities: - A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion durin...
PT-2025-31317 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: A permissions issue was addressed with additional restrictions. An application may be able to read files outside of its designated sandbox...
PT-2025-31231 · Apple · Macos Ventura +3
Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.7.7 macOS Ventura versions prior to 13.7.7 macOS Sequoia versions prior to 15.6 Description: A permissions issue was addressed with additional restrictions. An app may be able to bypass certain Privacy...
PT-2025-31311 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 Description: Processing maliciously crafted web content may lead to universal cross site scripting due to improved state management. Recommendations: Update to macOS version 15.6...
PT-2025-31322 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: A permissions issue was addressed with additional restrictions. A malicious app with root privileges may be able to modify the contents of...
CVE-2025-5199
In Canonical Multipass up to and including version 1.15.1 on macOS, incorrect default permissions allow a local attacker to escalate privileges by modifying files executed with administrative privileges by a Launch Daemon during system startup...
Security Updates for Microsoft Office Products (June 2025) (macOS)
The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the june-10-2025 advisory. - Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2025-47164, CVE-2025-47953 - Use after free in...
Mozilla Firefox ESR < 128.11
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 128.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-44 advisory. - Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of...
CVE-2024-27882
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to modify protected parts of the file system...
CVE-2023-42859
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system...
CVE-2023-44211
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 31637, Acronis Cyber Protect 16 Linux, Windows before build 37391...
CVE-2021-30821
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges...
CVE-2020-3851
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application...
CVE-2020-10015
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges...
Security Updates for Microsoft Office Products (May 2025) (macOS)
The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the may-13-2025 advisory. - Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2025-30377, CVE-2025-30386 - Use after free in...
Vulnerabilities fixed in Apple macOS
Apple has fixed vulnerabilities in macOS Specifically for Ventura 13.7.6, Sequoia 15.5 and Sonoma 14.7.6. The vulnerabilities include several issues, such as memory damage from processing maliciously created Web content, unauthorized access to sensitive user data, and unexpected system...
Adobe Dimension < 4.1.2 Multiple Arbitrary code execution (APSB25-45) (macOS)
The version of Adobe Dimension installed on the remote macOS host is prior to 4.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-45 advisory. - Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in...
Adobe Bridge 14.x < 14.1.7 / 15.x < 15.0.4 Multiple Vulnerabilities (APSB25-44)
The version of Adobe Bridge installed on the remote macOS or Mac OS X host is prior to 14.1.7 or 15.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb25-44 advisory. - Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Overflow or Wraparound...