Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
4978 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-43512 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-14 | N/A |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to elevate privileges. | ||||
| CVE-2025-43473 | 1 Apple | 2 Macos, Macos Tahoe | 2025-12-14 | N/A |
| This issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data. | ||||
| CVE-2025-46289 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-14 | N/A |
| A logic issue was addressed with improved file handling. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to access protected user data. | ||||
| CVE-2025-43509 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-14 | N/A |
| This issue was addressed with improved data protection. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to access sensitive user data. | ||||
| CVE-2025-43410 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-14 | 2.4 Low |
| The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2. An attacker with physical access may be able to view deleted notes. | ||||
| CVE-2025-43538 | 1 Apple | 2 Macos, Macos Sonoma | 2025-12-14 | N/A |
| A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sonoma 14.8.3. An app may be able to access sensitive user data. | ||||
| CVE-2025-43542 | 1 Apple | 2 Macos, Macos Sequoia | 2025-12-14 | N/A |
| This issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.3. Password fields may be unintentionally revealed when remotely controlling a device over FaceTime. | ||||
| CVE-2025-43539 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-14 | N/A |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. Processing a file may lead to memory corruption. | ||||
| CVE-2025-64785 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-12-12 | 7.8 High |
| Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the application uses a search path to locate critical resources such as programs, an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue does not require user interaction. | ||||
| CVE-2025-64786 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-12-12 | 3.3 Low |
| Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited unauthorized write access. Exploitation of this issue does not require user interaction. | ||||
| CVE-2025-64787 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-12-12 | 3.3 Low |
| Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass cryptographic protections and gain limited unauthorized write access. Exploitation of this issue does not require user interaction. | ||||
| CVE-2025-64899 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-12-12 | 7.8 High |
| Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-64896 | 2 Adobe, Apple | 3 Creative Cloud, Creative Cloud Desktop Application, Macos | 2025-12-12 | 5.5 Medium |
| Creative Cloud Desktop versions 6.4.0.361 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to disrupt the application's functionality by manipulating temporary files. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-65741 | 2 Apple, Sublimetext | 2 Macos, Sublime Text 3 | 2025-12-12 | 9.8 Critical |
| Sublime Text 3 Build 3208 or prior for MacOS is vulnerable to Dylib Injection. An attacker could compile a .dylib file and force the execution of this library in the context of the Sublime Text application. | ||||
| CVE-2025-55311 | 3 Apple, Foxit, Microsoft | 3 Macos, Pdf Editor, Windows | 2025-12-12 | 6.5 Medium |
| An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital signature verification by hiding document modifications, allowing an attacker to mislead users about the document's integrity and compromise the trustworthiness of signed PDFs. | ||||
| CVE-2025-55310 | 3 Apple, Foxit, Microsoft | 3 Macos, Pdf Editor, Windows | 2025-12-12 | 7.3 High |
| An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup. This may result in information disclosure, unauthorized data access, or other security impacts. | ||||
| CVE-2025-55314 | 3 Apple, Foxit, Microsoft | 3 Macos, Pdf Editor, Windows | 2025-12-12 | 7.8 High |
| An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereference of invalid or released memory. This can lead to memory corruption, application crashes, and potentially allow an attacker to execute arbitrary code. | ||||
| CVE-2025-55313 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Editor For Mac and 1 more | 2025-12-12 | 7.8 High |
| An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. They allow potential arbitrary code execution when processing crafted PDF files. The vulnerability stems from insufficient handling of memory allocation failures after assigning an extremely large value to a form field's charLimit property via JavaScript. This can result in memory corruption and may allow an attacker to execute arbitrary code by persuading a user to open a malicious file. | ||||
| CVE-2025-67461 | 2 Apple, Zoom | 3 Macos, Rooms, Zoom | 2025-12-12 | 5 Medium |
| External control of file name or path in Zoom Rooms for macOS before version 6.6.0 may allow an authenticated user to conduct a disclosure of information via local access. | ||||
| CVE-2025-55309 | 3 Apple, Foxit, Microsoft | 3 Macos, Pdf Editor, Windows | 2025-12-12 | 6.7 Medium |
| An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal focus change handling prematurely releases the annotation object, resulting in a use-after-free vulnerability that may cause memory corruption or application crashes. | ||||