Mac Os X Security Vulnerabilities and Issues — Page 11 of Mac Os X CVE List

Lucene search

AppleMac Os X

3225 matches found

CVE•added 2011/08/29 3:55 p.m.•91 views

CVE-2011-2821

Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.

7.5CVSS8.7AI score0.01915EPSS

CVE•added 2013/12/17 3:21 p.m.•91 views

CVE-2013-7127

Apple Safari 6.0.5 on Mac OS X 10.7.5 and 10.8.5 stores cleartext credentials in LastSession.plist, which allows local users to obtain sensitive information by reading this file.

2.1CVSS5.2AI score0.00121EPSS

CVE•added 2017/12/25 9:29 p.m.•91 views

CVE-2017-13868

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted ap...

5.5CVSS4.8AI score0.09858EPSS

CVE•added 2017/04/02 1:59 a.m.•91 views

CVE-2017-2416

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of servi...

7.8CVSS8.6AI score0.00808EPSS

CVE•added 2019/01/11 6:29 p.m.•91 views

CVE-2018-4194

In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.

8.8CVSS6.7AI score0.00536EPSS

CVE•added 2019/12/18 6:15 p.m.•91 views

CVE-2019-8786

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00477EPSS

CVE•added 2020/10/27 8:15 p.m.•91 views

CVE-2019-8829

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6.1, tvOS 13.2, iOS 13.2 and iPadOS 13.2. An application may be able to execute arbitrary code with kernel privileges...

9.3CVSS7.8AI score0.00182EPSS

CVE•added 2021/04/02 6:15 p.m.•91 views

CVE-2021-1747

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing maliciously crafted web content may lead to code execution...

7.8CVSS7.9AI score0.00409EPSS

CVE•added 2021/10/28 7:15 p.m.•91 views

CVE-2021-30821

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00292EPSS

CVE•added 2022/05/26 7:15 p.m.•91 views

CVE-2022-26715

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges.

9.3CVSS7.7AI score0.00151EPSS

CVE•added 2009/07/10 3:30 p.m.•90 views

CVE-2009-2422

The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rails before 2.3.3 defines an authenticate_or_request_with_http_digest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentica...

9.8CVSS9.4AI score0.00403EPSS

CVE•added 2017/12/25 9:29 p.m.•90 views

CVE-2017-13855

5.5CVSS4.8AI score0.06249EPSS

CVE•added 2017/07/20 4:29 p.m.•90 views

CVE-2017-7047

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or c...

8.8CVSS7.7AI score0.22491EPSS

CVE•added 2020/10/27 8:15 p.m.•90 views

CVE-2019-8746

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. ...

9.8CVSS8.2AI score0.02306EPSS

CVE•added 2020/10/27 8:15 p.m.•90 views

CVE-2019-8825

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing malic...

8.8CVSS8.4AI score0.00547EPSS

CVE•added 2020/10/27 8:15 p.m.•90 views

CVE-2019-8832

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code w...

9.3CVSS7.6AI score0.00484EPSS

CVE•added 2020/10/27 9:15 p.m.•90 views

CVE-2019-8850

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may disclose res...

5.5CVSS5.8AI score0.00299EPSS

CVE•added 2021/09/08 3:15 p.m.•90 views

CVE-2021-1808

A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to read restricted memory.

7.5CVSS7.2AI score0.00542EPSS

CVE•added 2021/09/08 3:15 p.m.•90 views

CVE-2021-1809

A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to read restricted memory.

7.5CVSS7.2AI score0.00542EPSS

CVE•added 2021/09/08 3:15 p.m.•90 views

CVE-2021-1843

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8AI score0.00344EPSS

CVE•added 2021/09/08 3:15 p.m.•90 views

CVE-2021-30686

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted audio file may disclose restricted memory.

5.5CVSS5.5AI score0.00296EPSS

CVE•added 2021/09/08 3:15 p.m.•90 views

CVE-2021-30701

This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00727EPSS

CVE•added 2021/09/08 2:15 p.m.•90 views

CVE-2021-30725

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination o...

7.8CVSS8.3AI score0.00406EPSS

CVE•added 2021/10/19 2:15 p.m.•90 views

CVE-2021-30832

A memory corruption issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges.

7.8CVSS6.9AI score0.00067EPSS

CVE•added 2009/04/17 12:30 a.m.•89 views

CVE-2009-0946

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.

7.5CVSS8.8AI score0.11816EPSS

CVE•added 2017/12/25 9:29 p.m.•89 views

CVE-2017-13867

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS7.3AI score0.02252EPSS

CVE•added 2017/11/29 5:29 p.m.•89 views

CVE-2017-13872

An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry of the root user nam...

9.3CVSS6.6AI score0.76664EPSS

CVE•added 2019/04/03 6:29 p.m.•89 views

CVE-2018-4291

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.

10CVSS7AI score0.00717EPSS

CVE•added 2019/12/18 6:15 p.m.•89 views

CVE-2019-8602

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.

7.8CVSS7.7AI score0.0077EPSS

CVE•added 2021/04/02 6:15 p.m.•89 views

CVE-2020-27937

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.0.1. A malicious application may be able to access private information.

5.5CVSS5.2AI score0.00583EPSS

CVE•added 2020/06/09 5:15 p.m.•89 views

CVE-2020-9816

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.

9.3CVSS7.8AI score0.00484EPSS

CVE•added 2020/10/22 6:15 p.m.•89 views

CVE-2020-9875

An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to ...

7.8CVSS8.3AI score0.00344EPSS

CVE•added 2020/12/08 8:15 p.m.•89 views

CVE-2020-9966

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.2AI score0.00788EPSS

CVE•added 2021/04/02 6:15 p.m.•89 views

CVE-2021-1772

A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted text file may lead to arbitrary code execu...

7.8CVSS7.6AI score0.00728EPSS

CVE•added 2021/09/08 3:15 p.m.•89 views

CVE-2021-1883

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted server messages may lead to heap corruption.

5.5CVSS5.8AI score0.00994EPSS

CVE•added 2021/09/08 3:15 p.m.•89 views

CVE-2021-30691

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS5.5AI score0.00269EPSS

CVE•added 2021/09/08 3:15 p.m.•89 views

CVE-2021-30704

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.8AI score0.00361EPSS

CVE•added 2022/03/18 6:15 p.m.•89 views

CVE-2022-22650

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A plug-in may be able to inherit the application's permissions and access user data.

5.5CVSS5.6AI score0.00103EPSS

CVE•added 2022/09/23 7:15 p.m.•89 views

CVE-2022-32853

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.

7.1CVSS6.8AI score0.00036EPSS

CVE•added 2002/08/12 4:0 a.m.•88 views

CVE-2002-0659

The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.

5CVSS8.2AI score0.12032EPSS

CVE•added 2004/11/23 5:0 a.m.•88 views

CVE-2004-0081

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

5CVSS7.2AI score0.02271EPSS

CVE•added 2004/11/23 5:0 a.m.•88 views

CVE-2004-0112

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-b...

5CVSS7.2AI score0.00942EPSS

CVE•added 2019/12/18 6:15 p.m.•88 views

CVE-2019-8513

This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands.

7.8CVSS7.5AI score0.11275EPSS

CVE•added 2019/12/18 6:15 p.m.•88 views

CVE-2019-8628

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.8AI score0.00588EPSS

CVE•added 2019/12/18 6:15 p.m.•88 views

CVE-2019-8784

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges.

9.3CVSS7.9AI score0.00499EPSS

CVE•added 2020/02/27 9:15 p.m.•88 views

CVE-2020-3856

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted string may lead to heap corruption.

9.3CVSS7.2AI score0.00352EPSS

CVE•added 2021/09/08 3:15 p.m.•88 views

CVE-2021-1740

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify protected parts of the file system.

5.5CVSS5.5AI score0.00069EPSS

CVE•added 2021/04/02 6:15 p.m.•88 views

CVE-2021-1776

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted font file may lead to arbitrary...

7.8CVSS7.8AI score0.00402EPSS

CVE•added 2021/09/08 3:15 p.m.•88 views

CVE-2021-30697

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local user may be able to leak sensitive user information.

5.5CVSS5.4AI score0.00061EPSS

CVE•added 2021/12/23 8:15 p.m.•88 views

CVE-2021-30767

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A local user may be able to modify protected parts of the file system.

5.5CVSS5.2AI score0.00059EPSS

Total number of security vulnerabilities3225