Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apple Subscribe
Filtered by product Garageband
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-22657 1 Apple 3 Garageband, Logic Pro X, Macos 2022-03-25 6.8 MEDIUM 7.8 HIGH
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
CVE-2022-22664 1 Apple 3 Garageband, Logic Pro X, Macos 2022-03-25 6.8 MEDIUM 7.8 HIGH
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
CVE-2021-30654 1 Apple 1 Garageband 2021-09-17 2.1 LOW 5.5 MEDIUM
This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information.
CVE-2009-2198 1 Apple 1 Garageband 2017-08-16 4.3 MEDIUM N/A
Apple GarageBand before 5.1 reconfigures Safari to accept all cookies regardless of domain name, which makes it easier for remote web servers to track users.
CVE-2017-2372 1 Apple 2 Garageband, Logic Pro X 2017-07-25 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the "Projects" component, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GarageBand project file.
CVE-2017-2374 1 Apple 1 Garageband 2017-07-24 6.8 MEDIUM 7.8 HIGH
An issue was discovered in certain Apple products. GarageBand before 10.1.6 is affected. The issue involves the "Projects" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted GarageBand project file.