Filtered by vendor Apple
Subscribe
Total
12395 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-8577 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-08-08 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2025-8579 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-08-08 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2025-8580 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-08-08 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2025-8581 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-08-08 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2024-30344 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-08-08 | N/A | 7.8 HIGH |
| Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22733. | |||||
| CVE-2024-30345 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-08-08 | N/A | 7.8 HIGH |
| Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22742. | |||||
| CVE-2024-30346 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-08-08 | N/A | 7.8 HIGH |
| Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22745. | |||||
| CVE-2024-30348 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-08-08 | N/A | 7.8 HIGH |
| Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22911. | |||||
| CVE-2025-8583 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-08-08 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2024-30351 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-08-08 | N/A | 7.8 HIGH |
| Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22799. | |||||
| CVE-2024-30354 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-08-08 | N/A | 7.8 HIGH |
| Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22808. | |||||
| CVE-2024-30357 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-08-08 | N/A | 7.8 HIGH |
| Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22818. | |||||
| CVE-2024-30343 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-08-08 | N/A | 7.8 HIGH |
| Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22721. | |||||
| CVE-2024-30342 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-08-08 | N/A | 7.8 HIGH |
| Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22720. | |||||
| CVE-2020-3999 | 2 Apple, Vmware | 4 Mac Os X, Esxi, Fusion and 1 more | 2025-08-08 | 2.1 LOW | 6.5 MEDIUM |
| VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition. | |||||
| CVE-2024-30336 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-08-07 | N/A | 7.8 HIGH |
| Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22642. | |||||
| CVE-2025-1223 | 2 Apple, Citrix | 2 Macos, Secure Access Client | 2025-08-06 | N/A | 6.1 MEDIUM |
| An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac | |||||
| CVE-2025-1222 | 2 Apple, Citrix | 2 Macos, Secure Access Client | 2025-08-06 | N/A | 6.1 MEDIUM |
| An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac | |||||
| CVE-2025-43276 | 1 Apple | 1 Macos | 2025-08-06 | N/A | 5.3 MEDIUM |
| A logic error was addressed with improved error handling. This issue is fixed in macOS Sequoia 15.6. iCloud Private Relay may not activate when more than one user is logged in at the same time. | |||||
| CVE-2025-43228 | 1 Apple | 3 Ipados, Iphone Os, Safari | 2025-08-04 | N/A | 4.3 MEDIUM |
| The issue was addressed with improved UI. This issue is fixed in iOS 18.6 and iPadOS 18.6, Safari 18. 6. Visiting a malicious website may lead to address bar spoofing. | |||||