Latest apple macos Vulnerabilities

Improper validation of update packages
Snowsoftware Snow Inventory Agent<6.7.2
Snowsoftware Snow Inventory Agent>=6.14.0<6.14.5
Snowsoftware Snow Inventory Agent=6.12.0
Apple macOS
Linux Linux kernel
Microsoft Windows
Miro Desktop 0.8.18 on macOS allows Electron code injection.
Miro Miro=0.8.18
Apple macOS
An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.
Postman Postman<10.22
Apple macOS
An issue in Notion for macOS version 3.1.0 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components.
<=3.1.0
An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.
Discord Discord<=0.0.291
Apple macOS
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access sensitive user ...
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. An app may be able to bypass certain Privacy ...
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
Apple iPhone OS<17.3
and 2 more
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to view a use...
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
Shortcuts. The issue was addressed with additional permissions checks.
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS>17.0<17.3
Apple iPhone OS>17.0<17.3
Apple macOS<14.3
Mail Search. This issue was addressed with improved redaction of sensitive information.
Apple macOS Ventura<13.6.4
Apple macOS Monterey<12.7.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
and 6 more
Apple Multiple Products Type Confusion Vulnerability
Apple Multiple Products
Apple macOS Ventura<13.6.4
Apple macOS Monterey<12.7.3
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple tvOS<17.3
and 23 more
An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3....
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple watchOS<10.3
Apple tvOS<17.3
Apple iOS<17.3
Apple iPadOS<17.3
and 15 more
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access user-sensiti...
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3. Processing maliciously...
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS>16.0<16.7.5
and 4 more
LLVM. The issue was addressed with improved memory handling.
Apple macOS Sonoma<14.3
Apple macOS<14.3
Shortcuts. The issue was addressed with additional permissions checks.
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS>17.0<17.3
Apple iPhone OS>17.0<17.3
and 2 more
Kernel. The issue was addressed with improved memory handling.
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
Finder. The issue was addressed with improved checks.
Apple macOS Ventura<13.6.4
Apple macOS Sonoma<14.3
Apple macOS>=13.0<13.6.4
Apple macOS>=14.0<14.3
The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processin...
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple tvOS<17.3
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
and 15 more
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A...
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple watchOS<10.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
and 8 more
Apple Neural Engine. The issue was addressed with improved memory handling.
Apple macOS Monterey<12.7.3
Apple macOS Ventura<13.6.4
Apple iOS<16.7.5
Apple iPadOS<16.7.5
Apple watchOS<10.3
Apple tvOS<17.3
and 12 more
A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPa...
Apple watchOS<10.3
Apple tvOS<17.3
Apple iOS<17.3
Apple iPadOS<17.3
Apple macOS Sonoma<14.3
Apple iPadOS<17.3
and 4 more
Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636.
Studionetworksolutions Sharebrowser<7.0
Apple macOS
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7.
HYPR Workforce Access<8.7
Apple macOS
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit...
Adobe Substance 3D Stager<=2.1.3
Apple macOS
Microsoft Windows
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit...
Adobe Substance 3D Stager<=2.1.3
Apple macOS
Microsoft Windows
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit...
Adobe Substance 3D Stager<=2.1.3
Apple macOS
Microsoft Windows
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit...
Adobe Substance 3D Stager<=2.1.3
Apple macOS
Microsoft Windows
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit...
Adobe Substance 3D Stager<=2.1.3
Apple macOS
Microsoft Windows
Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit...
Adobe Substance 3D Stager<=2.1.3
Apple macOS
Microsoft Windows
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information v...
Heimdalsecurity Thor<3.7.0
Microsoft Windows
Heimdalsecurity Thor<=2.6.9
Apple macOS
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause a denial of service (DoS) via the Threat To Process Correlat...
Heimdalsecurity Thor<=3.5.3
Microsoft Windows
Heimdalsecurity Thor<=2.6.9
Apple macOS
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensi...
Heimdalsecurity Thor<=3.5.3
Microsoft Windows
Heimdalsecurity Thor<=2.6.9
Apple macOS
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linux,...
Mozilla Firefox ESR<115.6
Mozilla Thunderbird<115.6
Mozilla Firefox<121
redhat/firefox<115.6
redhat/thunderbird<115.6
ubuntu/firefox<121.0+
and 16 more
WindowServer. A session rendering issue was addressed with improved session tracking.
Apple macOS Sonoma<14.2.1
Apple macOS>=14.0<14.2.1
ZDI-CAN-22173: Adobe After Effects AEP File Parsing Use-After-Free Remote Code Execution Vulnerability
Adobe After Effects<=23.6.0
Adobe After Effects>=24.0<=24.0.3
Apple macOS
Microsoft Windows
ZDI-CAN-22175: Adobe After Effects AEP File Parsing Memory Corruption Remote Code Execution Vulnerability
Adobe After Effects<=23.6.0
Adobe After Effects>=24.0<=24.0.3
Apple macOS
Microsoft Windows
ZDI-CAN-22174: Adobe After Effects AEP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe After Effects<=23.6.0
Adobe After Effects>=24.0<=24.0.3
Apple macOS
Microsoft Windows
ZDI-CAN-22172: Adobe After Effects AEP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe After Effects<=23.6.0
Adobe After Effects>=24.0<=24.0.3
Apple macOS
Microsoft Windows
Adobe Substance 3D Stager v2.1.1 Vulnerability VI
Adobe Substance 3D Stager<=2.1.1
Apple macOS
Microsoft Windows
Adobe Substance 3D Stager v2.1.1 Vulnerability II
Adobe Substance 3D Stager<=2.1.1
Apple macOS
Microsoft Windows
ZDI-CAN-22279: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Dimension<3.4.11
Apple macOS
Microsoft Windows
ZDI-CAN-22278: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Dimension<3.4.11
Apple macOS
Microsoft Windows
ZDI-CAN-22249: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Dimension<3.4.11
Apple macOS
Microsoft Windows
ZDI-CAN-22284: Adobe Dimension GLTF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Dimension<3.4.11
Apple macOS
Microsoft Windows
ZDI-CAN-21791: Adobe Prelude MP4 File Uninitialized Variable Information Disclosure Vulnerability
Adobe Prelude<=22.6
Apple macOS
Microsoft Windows
Adobe InDesign CC 2023 Memory Corruption Vulnerability IV.
Adobe InDesign>=17.0<=17.4.2
Adobe InDesign=19.0
Apple macOS
Microsoft Windows
Adobe InDesign CC 2023 Memory Corruption Vulnerability VI.
Adobe InDesign>=17.0<=17.4.2
Adobe InDesign=19.0
Apple macOS
Microsoft Windows
Adobe Illustrator 2023 CC 27.7 Memory Corruption Out-Of-Bounds-Write Vulnerability IV.
Adobe Illustrator>=27.0<=27.9
Adobe Illustrator=28.0
Apple macOS
Microsoft Windows
Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
ubuntu/openssh<1:7.2
ubuntu/openssh<1:7.6
ubuntu/openssh<1:9.5
ubuntu/openssh<1:8.2
ubuntu/openssh<1:8.9
ubuntu/openssh<1:9.0
and 118 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203