Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Garageband  >> 10.1.4  Security Vulnerabilities
CVE-2024-44142
The issue was addressed with improved bounds checks. This issue is fixed in GarageBand 10.4.12. Processing a maliciously crafted image may lead to arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-01-30
CVE-2023-42867
This issue was addressed with improved validation of the process entitlement and Team ID. This issue is fixed in GarageBand 10.4.9. An app may be able to gain root privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-12-20
CVE-2024-23300
A use-after-free issue was addressed with improved memory management. This issue is fixed in GarageBand 10.4.11. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-03-12
CVE-2022-22664
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.004
Published
2022-03-18
CVE-2022-22657
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.003
Published
2022-03-18
CVE-2021-30654
This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-09-08
CVE-2017-2372
An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the "Projects" component, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GarageBand project file.
CVSS Score
8.8
EPSS Score
0.009
Published
2017-02-20
CVE-2017-2374
An issue was discovered in certain Apple products. GarageBand before 10.1.6 is affected. The issue involves the "Projects" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted GarageBand project file.
CVSS Score
7.8
EPSS Score
0.006
Published
2017-02-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved