Macos Security Vulnerabilities

CVE-2018-4304

A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS...

CVE-2018-4308

An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to macOS Mojave...

CVE-2018-4310

An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave...

CVE-2018-4285

A type confusion issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra...

CVE-2018-4286

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra...

CVE-2018-4289

An information disclosure issue was addressed by removing the vulnerable code. This issue affected versions prior to macOS High Sierra...

CVE-2018-4291

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra...

CVE-2018-4283

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra...

CVE-2018-4287

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra...

CVE-2018-4288

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra...

CVE-2018-4295

An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave...

CVE-2018-4276

A null pointer dereference was addressed with improved validation. This issue affected versions prior to macOS High Sierra...

CVE-2018-4280

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS...

CVE-2018-4293

A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows...

CVE-2018-4269

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows...

CVE-2018-4268

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra...

CVE-2018-4259

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra...

CVE-2018-4248

An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS...

CVE-2018-4203

An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS...

CVE-2018-4178

A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue affected versions prior to macOS High Sierra...

CVE-2018-4126

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows...

CVE-2018-4153

An injection issue was addressed with improved validation. This issue affected versions prior to macOS Mojave...

CVE-2017-7151

A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra...

CVE-2017-13911

A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS X El Capitan 10.11.6 Security Update 2018-002, macOS Sierra 10.12.6 Security Update 2018-002, macOS High Sierra...

CVE-2018-20234

There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2 before version 3.1.1 via filenames in Mercurial repositories. A remote attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain.....

CVE-2019-6225

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate...

CVE-2019-6230

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its...

CVE-2019-6231

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to read restricted...

CVE-2019-6224

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A remote attacker may be able to initiate a FaceTime call causing arbitrary code...

CVE-2019-6223

A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to...

CVE-2019-6220

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.3. An application may be able to read restricted...

CVE-2019-6221

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate...

CVE-2019-6218

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel...

CVE-2019-6219

A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. Processing a maliciously crafted message may lead to a denial of...

CVE-2019-6214

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its...

CVE-2019-6213

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel...

CVE-2019-6202

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate...

CVE-2019-6211

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. Processing maliciously crafted web content may lead to arbitrary code...

CVE-2019-6210

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to execute arbitrary code with kernel...

CVE-2019-6208

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between...

CVE-2019-6209

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory...

CVE-2019-6200

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. An attacker in a privileged network position may be able to execute arbitrary...

CVE-2019-6205

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between...

CVE-2019-6235

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox...

CVE-2019-5780

Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple...

CVE-2019-5759

Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML...

CVE-2018-6151

Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome...

CVE-2018-6162

Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

CVE-2018-6113

Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via a crafted HTML...

CVE-2018-6097

Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML...