Latest apple macos Vulnerabilities

Kerberos v5 PAM module. The issue was addressed with improved checks.
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to access protected user data.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
Disk Images. The issue was addressed with improved checks.
Apple macOS Sonoma<14.4
Apple macOS Ventura<13.6.5
Apple macOS Monterey<12.7.4
Apple macOS<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
PackageKit. The issue was addressed with improved checks.
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. A user may gain access to protected parts of the file system.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
TCC. Description: This issue was addressed by adding an additional prompt for user consent.
Apple macOS Sonoma<14.4
Apple macOS<14.4
The issue was addressed with improved restriction of data container access. This issue is fixed in macOS Ventura 13.6.5, macOS Monterey 12.7.4. An app may be able to access sensitive user data.
Apple macOS Ventura<13.6.5
Apple macOS Monterey<12.7.4
Apple macOS<12.7.4
Apple macOS>=13.0<13.6.5
Apple Multiple Products Memory Corruption Vulnerability
Apple Multiple Products
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
Apple watchOS<10.4
Apple tvOS<17.4
and 10 more
Bluetooth. The issue was addressed with improved checks.
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
Apple Ipad Os>17.0<17.4
Apple iPhone OS>=17.0<17.4
Apple macOS>=14.0<14.4
Safari Private Browsing. This issue was addressed through improved state management.
Apple macOS Sonoma<14.4
Apple Safari<17.4
Apple iOS<17.4
Apple iPadOS<17.4
Apple Safari<17.4
Apple Ipad Os<17.4
and 2 more
Image Processing. The issue was addressed with improved memory handling.
Apple tvOS<17.4
Apple macOS Ventura<13.6.5
Apple macOS Monterey<12.7.4
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
and 6 more
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS<16.7.6
Apple iPadOS<16.7.6
Apple macOS Ventura<13.6.5
Apple tvOS<17.4
Apple macOS Monterey<12.7.4
Apple watchOS<10.4
and 15 more
[TianfuCup] JP2K Image Parsing Out-Of-Bounds Write
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1901 - Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1906 - Adobe Acrobat Reader Font CPAL integer overflow vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
[TianfuCup] out-of-bounds access vulnerability when parsing jpeg2000
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1908 - Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
[ZS-VR-23-360] Adobe Acrobat Reader Parsing OTF font Denial-of-Service Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1909 - Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
ZDI-CAN-22516: Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
ZDI-CAN-22727: Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
ZDI-CAN-22822: Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1910 - Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1905 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1890 - Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
Improper validation of update packages
Snowsoftware Snow Inventory Agent<6.7.2
Snowsoftware Snow Inventory Agent>=6.14.0<6.14.5
Snowsoftware Snow Inventory Agent=6.12.0
Apple macOS
Linux Linux kernel
Microsoft Windows
Miro Desktop 0.8.18 on macOS allows code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an a...
=0.8.18
An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.
Discord Discord<=0.0.291
Apple macOS
LLVM. The issue was addressed with improved memory handling.
Apple macOS Sonoma<14.3
Apple macOS<14.3
Kernel. The issue was addressed with improved memory handling.
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
Finder. The issue was addressed with improved checks.
Apple macOS Ventura<13.6.4
Apple macOS Sonoma<14.3
Apple macOS>=13.0<13.6.4
Apple macOS>=14.0<14.3
Shortcuts. The issue was addressed with additional permissions checks.
Apple macOS Ventura<13.6.5
Apple iOS<16.7.6
Apple iPadOS<16.7.6
Apple watchOS<10.3
Apple macOS Sonoma<14.3
Apple iOS<17.3
and 6 more
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to view a use...
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access sensitive user ...
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. An app may be able to bypass certain Privacy ...
Apple macOS Sonoma<14.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Ventura<13.6.5
<17.3
and 3 more
Shortcuts. The issue was addressed with additional permissions checks.
Apple iOS<16.7.6
Apple iPadOS<16.7.6
Apple macOS Sonoma<14.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Ventura<13.6.5
and 3 more
Mail Search. This issue was addressed with improved redaction of sensitive information.
Apple macOS Ventura<13.6.4
Apple macOS Monterey<12.7.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
and 6 more
Apple Multiple Products Type Confusion Vulnerability
Apple iPhone
Apple visionOS<1.0.2
Apple Safari<17.3
and 29 more
A maliciously crafted webpage may be able to fingerprint the user
Apple Safari<17.3
ubuntu/webkit2gtk<2.42.5-0ubuntu0.22.04.2
ubuntu/webkit2gtk<2.42.5-0ubuntu0.23.10.2
ubuntu/webkit2gtk<2.42.5
Apple iOS<16.7.5
Apple iPadOS<16.7.5
and 15 more
Apple Neural Engine. The issue was addressed with improved memory handling.
Apple macOS Monterey<12.7.3
Apple macOS Ventura<13.6.4
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple watchOS<10.3
Apple tvOS<17.3
and 12 more
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A...
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
and 8 more
A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPa...
Apple iOS<16.7.6
Apple iPadOS<16.7.6
Apple tvOS<17.3
Apple macOS Sonoma<14.3
Apple watchOS<10.3
Apple iOS<17.3
and 8 more
Processing web content may lead to arbitrary code execution. The issue was addressed with improved memory handling.
Apple Safari<17.3
ubuntu/webkit2gtk<2.42.5-0ubuntu0.22.04.2
ubuntu/webkit2gtk<2.42.5-0ubuntu0.23.10.2
ubuntu/webkit2gtk<2.42.5
Apple iOS<16.7.5
Apple iPadOS<16.7.5
and 15 more
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access user-sensiti...
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3. Processing maliciously...
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS>16.0<16.7.5
and 4 more
Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636.
Studionetworksolutions Sharebrowser<7.0
Apple macOS
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7.
HYPR Workforce Access<8.7
Apple macOS

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203