Total
2350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30771 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-03-25 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution. | |||||
| CVE-2021-30925 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2022-03-25 | 6.4 MEDIUM | 9.1 CRITICAL |
| The issue was addressed with improved permissions logic. This issue is fixed in watchOS 8, macOS Big Sur 11.6, iOS 15 and iPadOS 15. A malicious application may be able to bypass Privacy preferences. | |||||
| CVE-2021-30856 | 1 Apple | 1 Macos | 2022-03-25 | 5.8 MEDIUM | 9.1 CRITICAL |
| This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions. This issue is fixed in macOS Big Sur 11.3. A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences. | |||||
| CVE-2022-22644 | 1 Apple | 1 Macos | 2022-03-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A privacy issue existed in the handling of Contact cards. This was addressed with improved state management. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to access information about a user's contacts. | |||||
| CVE-2022-22621 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-03-24 | 2.1 LOW | 4.6 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions. | |||||
| CVE-2022-22632 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-03-24 | 7.5 HIGH | 9.8 CRITICAL |
| A logic issue was addressed with improved state management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, watchOS 8.5, macOS Monterey 12.3. A malicious application may be able to elevate privileges. | |||||
| CVE-2022-22641 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2022-03-24 | 7.5 HIGH | 9.8 CRITICAL |
| A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges. | |||||
| CVE-2022-22660 | 1 Apple | 1 Macos | 2022-03-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An app may be able to spoof system notifications and UI. | |||||
| CVE-2022-22612 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2022-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to heap corruption. | |||||
| CVE-2022-22611 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2022-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2022-22669 | 1 Apple | 1 Macos | 2022-03-24 | 7.2 HIGH | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-22609 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-03-24 | 5.0 MEDIUM | 7.5 HIGH |
| The issue was addressed with additional permissions checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to read other applications' settings. | |||||
| CVE-2022-22600 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-03-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| The issue was addressed with improved permissions logic. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to bypass certain Privacy preferences. | |||||
| CVE-2021-40787 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2022-03-22 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-40786 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2022-03-22 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-40785 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2022-03-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-40788 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2022-03-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-40789 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2022-03-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-40793 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2022-03-22 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-40792 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2022-03-22 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||