Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-7051 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7050 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7049 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7048 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7047 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7046 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7045 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7044 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7043 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7042 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7041 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2019-7040 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7039 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7038 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7037 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7036 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7035 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7034 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7033 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7032 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7031 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7030 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7029 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7028 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7097 | 3 Adobe, Apple, Microsoft | 3 Dreamweaver, Macos, Windows | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Dreamweaver versions 19.0 and earlier have an insecure protocol implementation vulnerability. Successful exploitation could lead to sensitive data disclosure if smb request is subject to a relay attack. | |||||
| CVE-2019-7844 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2021-09-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Media Encoder version 13.0.2 has an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7842 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Media Encoder version 13.0.2 has a use-after-free vulnerability. Successful exploitation could lead to remote code execution. | |||||
| CVE-2019-0976 | 3 Apple, Linux, Microsoft | 3 Macos, Linux Kernel, Nuget | 2021-09-08 | 2.1 LOW | 5.5 MEDIUM |
| A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'. | |||||
| CVE-2019-8342 | 2 Apple, Foxitsoftware | 2 Macos, Foxit Reader | 2021-09-08 | 4.6 MEDIUM | 7.8 HIGH |
| A Local Privilege Escalation in libqcocoa.dylib in Foxit Reader 3.1.0.0111 on macOS has been discovered due to an incorrect permission set. | |||||
| CVE-2019-9847 | 3 Apple, Libreoffice, Microsoft | 3 Macos, Libreoffice, Windows | 2021-09-08 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. If the hyperlink is activated by the victim the executable target is unconditionally launched. Under Windows and macOS when processing a hyperlink target explicitly activated by the user there was no judgment made on whether the target was an executable file, so such executable targets were launched unconditionally. This issue affects: All LibreOffice Windows and macOS versions prior to 6.1.6; LibreOffice Windows and macOS versions in the 6.2 series prior to 6.2.3. | |||||
| CVE-2019-0757 | 3 Apple, Microsoft, Mono-project | 6 Macos, .net Core, .net Core Sdk and 3 more | 2021-09-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'. | |||||
| CVE-2018-1882 | 5 Apple, Ibm, Linux and 2 more | 7 Macos, Aix, Spectrum Protect Backup-archive Client and 4 more | 2021-09-08 | 1.9 LOW | 4.7 MEDIUM |
| In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client trace file. IBM X-Force ID: 151968. | |||||
| CVE-2019-5780 | 5 Apple, Debian, Fedoraproject and 2 more | 7 Macos, Debian Linux, Fedora and 4 more | 2021-09-08 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events. | |||||
| CVE-2019-5759 | 5 Apple, Debian, Fedoraproject and 2 more | 8 Macos, Debian Linux, Fedora and 5 more | 2021-09-08 | 6.8 MEDIUM | 9.6 CRITICAL |
| Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2018-6162 | 4 Apple, Debian, Google and 1 more | 6 Macos, Debian Linux, Chrome and 3 more | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-6151 | 6 Apple, Debian, Google and 3 more | 9 Macos, Debian Linux, Chrome and 6 more | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. | |||||
| CVE-2018-6113 | 4 Apple, Debian, Google and 1 more | 6 Macos, Debian Linux, Chrome and 3 more | 2021-09-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |||||
| CVE-2018-6097 | 4 Apple, Debian, Google and 1 more | 6 Macos, Debian Linux, Chrome and 3 more | 2021-09-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page. | |||||
| CVE-2018-6084 | 4 Apple, Debian, Google and 1 more | 6 Macos, Debian Linux, Chrome and 3 more | 2021-09-08 | 7.2 HIGH | 7.8 HIGH |
| Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file. | |||||
| CVE-2018-16080 | 2 Apple, Google | 2 Macos, Chrome | 2021-09-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| A missing check for popup window handling in Fullscreen in Google Chrome on macOS prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2018-15332 | 3 Apple, F5, Linux | 4 Macos, Big-ip Access Policy Manager, Big-ip Access Policy Manager Client and 1 more | 2021-09-08 | 4.4 MEDIUM | 7.0 HIGH |
| The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition. | |||||
| CVE-2018-18865 | 3 Apple, Microsoft, Royalapplications | 4 Macos, Windows, Royal Ts and 1 more | 2021-09-08 | 4.3 MEDIUM | 8.1 HIGH |
| The Royal browser extensions TS before 4.3.60728 (Release Date 2018-07-28) and TSX before 3.3.1 (Release Date 2018-09-13) allow Credentials Disclosure. | |||||
| CVE-2018-0701 | 3 Apple, Bluestacks, Microsoft | 3 Macos, Bluestacks, Windows | 2021-09-08 | 5.8 MEDIUM | 8.8 HIGH |
| BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to 4.31.55, BlueStacks App Player for macOS 2.0.0 and later) allows an attacker on the same network segment to bypass access restriction to gain unauthorized access. | |||||
| CVE-2018-16962 | 2 Apple, Webroot | 2 Macos, Secureanywhere | 2021-09-08 | 7.2 HIGH | 7.8 HIGH |
| Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to the driver by a process that lacks root privileges. | |||||
| CVE-2018-12811 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution. | |||||
| CVE-2018-12810 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution. | |||||
| CVE-2018-15670 | 2 Apple, Bloop | 2 Macos, Airmail | 2021-09-08 | 4.3 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that OpenURL is the default URL handler. A navigation request is processed by the default URL handler only if the currentEvent is NX_LMOUSEUP or NX_OMOUSEUP. An attacker may abuse HTML elements with an EventHandler for a chance to validate navigation requests for URLs that are processed during the NX_LMOUSEUP event triggered by clicking an email. | |||||
| CVE-2018-5546 | 3 Apple, F5, Linux | 4 Macos, Big-ip Access Policy Manager, Big-ip Access Policy Manager Client and 1 more | 2021-09-08 | 7.2 HIGH | 7.8 HIGH |
| The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or assume super-user privileges on the local client host. | |||||
| CVE-2018-0387 | 3 Apple, Cisco, Microsoft | 3 Macos, Webex Teams, Windows | 2021-09-08 | 9.3 HIGH | 8.8 HIGH |
| A vulnerability in Cisco Webex Teams (for Windows and macOS) could allow an unauthenticated, remote attacker to execute arbitrary code on the user's device, possibly with elevated privileges. The vulnerability occurs because Cisco Webex Teams does not properly sanitize input. An attacker could exploit the vulnerability by sending a user a malicious link and persuading the user to follow the link. A successful exploit could allow the attacker to execute arbitrary code on the user's system. Cisco Bug IDs: CSCvh66250. | |||||
| CVE-2018-4946 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop CC versions 19.1.3 and earlier, 18.1.3 and earlier, and 18.1.2 and earlier have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||