Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-24097

Summary
Assigner-apple
Assigner Org ID-286789f9-fbc2-4510-9f9a-43facdede74c
Published At-31 Mar, 2025 | 22:24
Updated At-01 Apr, 2025 | 04:23
Rejected At-
Credits

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. An app may be able to read arbitrary file metadata.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:apple
Assigner Org ID:286789f9-fbc2-4510-9f9a-43facdede74c
Published At:31 Mar, 2025 | 22:24
Updated At:01 Apr, 2025 | 04:23
Rejected At:
▼CVE Numbering Authority (CNA)

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. An app may be able to read arbitrary file metadata.

Affected Products
Vendor
Apple Inc.Apple
Product
tvOS
Versions
Affected
  • From unspecified before 18.4 (custom)
Vendor
Apple Inc.Apple
Product
iOS and iPadOS
Versions
Affected
  • From unspecified before 18.4 (custom)
Vendor
Apple Inc.Apple
Product
macOS
Versions
Affected
  • From unspecified before 15.4 (custom)
Vendor
Apple Inc.Apple
Product
macOS
Versions
Affected
  • From unspecified before 14.7 (custom)
Problem Types
TypeCWE IDDescription
N/AN/AAn app may be able to read arbitrary file metadata
Type: N/A
CWE ID: N/A
Description: An app may be able to read arbitrary file metadata
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.apple.com/en-us/122377
N/A
https://support.apple.com/en-us/122371
N/A
https://support.apple.com/en-us/122373
N/A
https://support.apple.com/en-us/122374
N/A
Hyperlink: https://support.apple.com/en-us/122377
Resource: N/A
Hyperlink: https://support.apple.com/en-us/122371
Resource: N/A
Hyperlink: https://support.apple.com/en-us/122373
Resource: N/A
Hyperlink: https://support.apple.com/en-us/122374
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125 Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125 Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.15.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@apple.com
Published At:31 Mar, 2025 | 23:15
Updated At:04 Apr, 2025 | 18:19

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. An app may be able to read arbitrary file metadata.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
CPE Matches
Apple Inc.
apple
>>ipados>>Versions before 18.4(exclusive)
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>iphone_os>>Versions before 18.4(exclusive)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>macos>>Versions before 14.7.5(exclusive)
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>macos>>Versions before 15.4(exclusive)
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>tvos>>Versions before 18.4(exclusive)
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-125
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.apple.com/en-us/122371product-security@apple.com
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122373product-security@apple.com
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122374product-security@apple.com
Release Notes
Vendor Advisory
https://support.apple.com/en-us/122377product-security@apple.com
Release Notes
Vendor Advisory
Hyperlink: https://support.apple.com/en-us/122371
Source: product-security@apple.com
Resource:
Release Notes
Vendor Advisory
Hyperlink: https://support.apple.com/en-us/122373
Source: product-security@apple.com
Resource:
Release Notes
Vendor Advisory
Hyperlink: https://support.apple.com/en-us/122374
Source: product-security@apple.com
Resource:
Release Notes
Vendor Advisory
Hyperlink: https://support.apple.com/en-us/122377
Source: product-security@apple.com
Resource:
Release Notes
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1172Records found
CVE-2018-4949
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.20% / 83.77%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-5001
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-6.5||MEDIUM
EPSS-1.36% / 79.42%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aGoogle LLCAdobe Inc.Red Hat, Inc.Apple Inc.Microsoft CorporationLinux Kernel Organization, Inc
Product-enterprise_linux_serverlinux_kernelwindows_8.1enterprise_linux_workstationchrome_osmac_os_xwindowsflash_player_desktop_runtimewindows_10enterprise_linux_desktopflash_playerAdobe Flash Player 29.0.0.171 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4979
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-6.5||MEDIUM
EPSS-2.16% / 83.61%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Security Bypass vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-1833
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-1.21% / 78.20%
||
7 Day CHG+0.29%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

Action-Not Available
Vendor-n/aApple Inc.Canonical Ltd.libxml2 (XMLSoft)Debian GNU/LinuxMcAfee, LLCRed Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_server_auslibxml2watchosubuntu_linuxenterprise_linux_desktopenterprise_linux_server_eusweb_gatewayenterprise_linux_server_tusenterprise_linux_workstationdebian_linuxiphone_osmac_os_xtvosn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4967
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.20% / 83.77%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-5061
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-6.5||MEDIUM
EPSS-9.14% / 92.36%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4981
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.20% / 83.77%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4957
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.20% / 83.77%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-18313
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-2.70% / 85.31%
||
7 Day CHG+0.04%
Published-07 Dec, 2018 | 21:00
Updated-05 Aug, 2024 | 11:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.

Action-Not Available
Vendor-perln/aRed Hat, Inc.Apple Inc.NetApp, Inc.Canonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxsnapdrivedebian_linuxe-series_santricity_os_controllerperlenterprise_linuxmac_os_xsnap_creator_frameworksnapcentern/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-5031
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-6.5||MEDIUM
EPSS-9.10% / 92.34%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-5014
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-6.5||MEDIUM
EPSS-9.10% / 92.34%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4973
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.20% / 83.77%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4962
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.20% / 83.77%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-5033
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-6.5||MEDIUM
EPSS-9.10% / 92.34%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-1839
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-10.77% / 93.06%
||
7 Day CHG+2.92%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

Action-Not Available
Vendor-n/aApple Inc.Canonical Ltd.libxml2 (XMLSoft)Debian GNU/LinuxMcAfee, LLCRed Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_server_auslibxml2watchosubuntu_linuxenterprise_linux_desktopenterprise_linux_server_eusweb_gatewayenterprise_linux_server_tusenterprise_linux_workstationdebian_linuxiphone_osmac_os_xtvosn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16015
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-1.58% / 80.89%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15923
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-2.25% / 83.95%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16006
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-6.5||MEDIUM
EPSS-2.83% / 85.65%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15996
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-6.5||MEDIUM
EPSS-2.83% / 85.65%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15922
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-2.25% / 83.95%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsacrobat_reader_dcmac_os_xAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4255
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.91%
||
7 Day CHG~0.00%
Published-11 Jan, 2019 | 18:00
Updated-05 Aug, 2024 | 05:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1768
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.36% / 57.55%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:55
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osmacosmac_os_xipadosmacOSiOS and iPadOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15925
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-2.25% / 83.95%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4256
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.91%
||
7 Day CHG~0.00%
Published-11 Jan, 2019 | 18:00
Updated-05 Aug, 2024 | 05:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-42833
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.88%
||
7 Day CHG~0.00%
Published-27 Feb, 2023 | 00:00
Updated-11 Mar, 2025 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.

Action-Not Available
Vendor-Apple Inc.
Product-macosmacOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16005
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-6.5||MEDIUM
EPSS-1.91% / 82.54%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15948
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-2.25% / 83.95%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4136
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.17% / 37.99%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 06:00
Updated-05 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4160
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.17% / 37.99%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 06:00
Updated-05 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4282
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.43%
||
7 Day CHG~0.00%
Published-03 Apr, 2019 | 17:43
Updated-05 Aug, 2024 | 05:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_oswatchostvosiOS, tvOS, watchOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16010
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-6.5||MEDIUM
EPSS-5.20% / 89.53%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15984
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-3.00% / 86.05%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1790
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.31% / 53.28%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 18:02
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted font may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-macosmac_os_xmacOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16033
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-1.52% / 80.52%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-4194
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-0.54% / 66.48%
||
7 Day CHG~0.00%
Published-11 Jan, 2019 | 18:00
Updated-05 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.

Action-Not Available
Vendor-n/aApple Inc.Microsoft Corporation
Product-itunesiphone_oswatchosmac_os_xwindowsicloudn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16047
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-1.91% / 82.53%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15942
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-2.25% / 83.95%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15947
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-2.25% / 83.95%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16229
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.97% / 85.98%
||
7 Day CHG-10.98%
Published-03 Oct, 2019 | 15:48
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().

Action-Not Available
Vendor-n/aDebian GNU/LinuxApple Inc.tcpdump & libpcapFedora ProjectRed Hat, Inc.openSUSEF5, Inc.
Product-debian_linuxfedoraenterprise_linuxmac_os_xtraffix_signaling_delivery_controllertcpdumpleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15989
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-3.00% / 86.05%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-windowsacrobat_reader_dcacrobat_dcmac_os_xn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1753
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.36% / 57.69%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 18:20
Updated-03 Aug, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipad_osmacosmac_os_xmacOSiOS and iPadOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1830
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.41%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 14:43
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A local user may be able to read kernel memory.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipadosiOS and iPadOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1877
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.44%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 14:48
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A local user may be able to read kernel memory.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipadosiOS and iPadOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15932
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-25.27% / 95.98%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16022
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-3.00% / 86.05%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16024
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-6.5||MEDIUM
EPSS-1.91% / 82.54%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10226
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.34%
||
7 Day CHG~0.00%
Published-03 Apr, 2017 | 05:44
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to assembler/MacroAssemblerARM64.h, assembler/MacroAssemblerX86Common.h, and wasm/WasmB3IRGenerator.cpp.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15949
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-2.25% / 83.95%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16020
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-3.00% / 86.05%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-16012
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-1.58% / 80.89%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 17:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcn/a
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 23
  • 24
  • Next
Details not found