Latest apple macos Vulnerabilities

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. A user may gain access to protected parts of the file system.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
PackageKit. The issue was addressed with improved checks.
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
Kerberos v5 PAM module. The issue was addressed with improved checks.
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to access protected user data.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
Safari Private Browsing. This issue was addressed through improved state management.
Apple iOS<17.4
Apple iPadOS<17.4
Apple Safari<17.4
Apple iOS<17.4
Apple iPhone OS<17.4
Apple macOS>=14.0<14.4
and 2 more
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS<16.7.6
Apple iPadOS<16.7.6
Apple iOS<17.4
Apple iPadOS<17.4
Apple macOS Ventura<13.6.5
Apple tvOS<17.4
and 15 more
Image Processing. The issue was addressed with improved memory handling.
Apple iOS<17.4
Apple iPadOS<17.4
Apple tvOS<17.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
and 6 more
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS<17.4
Apple iPadOS<17.4
Apple macOS Sonoma<14.4
Apple tvOS<17.4
Apple watchOS<10.4
Apple visionOS<1.1
and 7 more
Bluetooth. The issue was addressed with improved checks.
Apple iOS<17.4
Apple iPadOS<17.4
Apple macOS Sonoma<14.4
Apple iOS>17.0<17.4
Apple iPhone OS>=17.0<17.4
Apple macOS>=14.0<14.4
[TianfuCup] JP2K Image Parsing Out-Of-Bounds Write
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1906 - Adobe Acrobat Reader Font CPAL integer overflow vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1901 - Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
[TianfuCup] out-of-bounds access vulnerability when parsing jpeg2000
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1908 - Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
[ZS-VR-23-360] Adobe Acrobat Reader Parsing OTF font Denial-of-Service Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
ZDI-CAN-22516: Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1909 - Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
ZDI-CAN-22727: Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
ZDI-CAN-22822: Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1910 - Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1890 - Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1905 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
Improper validation of update packages
Snowsoftware Snow Inventory Agent<6.7.2
Snowsoftware Snow Inventory Agent>=6.14.0<6.14.5
Snowsoftware Snow Inventory Agent=6.12.0
Apple macOS
Linux Linux kernel
Microsoft Windows
Miro Desktop 0.8.18 on macOS allows code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an a...
=0.8.18
An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.
Discord Discord<=0.0.291
Apple macOS
An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.
Postman Postman<10.22
Apple macOS
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A...
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
and 8 more
Apple Neural Engine. The issue was addressed with improved memory handling.
Apple macOS Monterey<12.7.3
Apple macOS Ventura<13.6.4
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple watchOS<10.3
Apple tvOS<17.3
and 12 more
The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processin...
Apple Safari<17.3
ubuntu/webkit2gtk<2.42.5-0ubuntu0.22.04.2
ubuntu/webkit2gtk<2.42.5-0ubuntu0.23.10.2
ubuntu/webkit2gtk<2.42.5
Apple iOS<16.7.5
Apple iPadOS<16.7.5
and 15 more
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3. Processing maliciously...
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS>16.0<16.7.5
and 4 more
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access user-sensiti...
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
Mail Search. This issue was addressed with improved redaction of sensitive information.
Apple macOS Ventura<13.6.4
Apple macOS Monterey<12.7.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
and 6 more
Apple Multiple Products Type Confusion Vulnerability
Apple Multiple Products
Apple Safari<17.3
Apple iPhone
and 24 more
An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3....
Apple Safari<17.3
ubuntu/webkit2gtk<2.42.5-0ubuntu0.22.04.2
ubuntu/webkit2gtk<2.42.5-0ubuntu0.23.10.2
ubuntu/webkit2gtk<2.42.5
Apple iOS<16.7.5
Apple iPadOS<16.7.5
and 15 more
Finder. The issue was addressed with improved checks.
Apple macOS Ventura<13.6.4
Apple macOS Sonoma<14.3
Apple macOS>=13.0<13.6.4
Apple macOS>=14.0<14.3
LLVM. The issue was addressed with improved memory handling.
Apple macOS Sonoma<14.3
Apple macOS<14.3
Kernel. The issue was addressed with improved memory handling.
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access sensitive user ...
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to view a use...
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. An app may be able to bypass certain Privacy ...
Apple macOS Sonoma<14.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Ventura<13.6.5
<17.3
and 3 more
Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636.
Studionetworksolutions Sharebrowser<7.0
Apple macOS
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7.
HYPR Workforce Access<8.7
Apple macOS
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit...
Adobe Substance 3D Stager<=2.1.3
Apple macOS
Microsoft Windows
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit...
Adobe Substance 3D Stager<=2.1.3
Apple macOS
Microsoft Windows
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit...
Adobe Substance 3D Stager<=2.1.3
Apple macOS
Microsoft Windows
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit...
Adobe Substance 3D Stager<=2.1.3
Apple macOS
Microsoft Windows
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit...
Adobe Substance 3D Stager<=2.1.3
Apple macOS
Microsoft Windows

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203