Mac Os X Security Vulnerabilities and Issues — Page 11 of Mac Os X CVE List

Lucene search

AppleMac Os X

3225 matches found

CVE•added 2018/04/03 6:29 a.m.•93 views

CVE-2018-4139

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.7AI score0.01266EPSS

CVE•added 2018/06/08 6:29 p.m.•93 views

CVE-2018-4223

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a pe...

5.5CVSS5.3AI score0.00072EPSS

CVE•added 2019/03/05 4:29 p.m.•93 views

CVE-2019-6209

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout.

5.5CVSS4.9AI score0.06285EPSS

CVE•added 2019/03/05 4:29 p.m.•93 views

CVE-2019-6218

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.4AI score0.08407EPSS

CVE•added 2019/12/18 6:15 p.m.•93 views

CVE-2019-8600

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution.

9.8CVSS8.5AI score0.03382EPSS

CVE•added 2020/10/27 8:15 p.m.•93 views

CVE-2019-8830

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iOS 12.4.4, watchOS 5.3.4. Processing malicious video via...

9.3CVSS7.7AI score0.01747EPSS

CVE•added 2020/10/27 9:15 p.m.•93 views

CVE-2019-8856

An API issue existed in the handling of outgoing phone calls initiated with Siri. This issue was addressed with improved state handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra....

4.3CVSS4.1AI score0.0021EPSS

CVE•added 2020/02/27 9:15 p.m.•93 views

CVE-2020-3857

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.

7.8CVSS7.6AI score0.00226EPSS

CVE•added 2020/06/09 5:15 p.m.•93 views

CVE-2020-9827

A denial of service issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A remote attacker may be able to cause a denial of service.

7.5CVSS6.7AI score0.00821EPSS

CVE•added 2021/09/08 3:15 p.m.•93 views

CVE-2021-1881

An out-of-bounds read was addressed with improved input validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted font file may lead to arbitrary code ...

7.8CVSS8AI score0.00502EPSS

CVE•added 2021/08/24 7:15 p.m.•93 views

CVE-2021-30881

An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Unpacking a maliciously crafted archive may lead to arbitrary code executio...

7.8CVSS7.4AI score0.00574EPSS

CVE•added 2009/07/10 3:30 p.m.•92 views

CVE-2009-2422

The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rails before 2.3.3 defines an authenticate_or_request_with_http_digest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentica...

9.8CVSS9.4AI score0.00403EPSS

CVE•added 2017/11/29 5:29 p.m.•92 views

CVE-2017-13872

An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry of the root user nam...

9.3CVSS6.6AI score0.76664EPSS

CVE•added 2018/04/03 6:29 a.m.•92 views

CVE-2017-7000

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we...

8.8CVSS8.5AI score0.00615EPSS

CVE•added 2017/07/20 4:29 p.m.•92 views

CVE-2017-7047

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or c...

8.8CVSS7.7AI score0.22491EPSS

CVE•added 2019/01/11 6:29 p.m.•92 views

CVE-2018-4194

In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.

8.8CVSS6.7AI score0.00536EPSS

CVE•added 2019/12/18 6:15 p.m.•92 views

CVE-2019-8786

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00477EPSS

CVE•added 2020/10/27 8:15 p.m.•92 views

CVE-2019-8829

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6.1, tvOS 13.2, iOS 13.2 and iPadOS 13.2. An application may be able to execute arbitrary code with kernel privileges...

9.3CVSS7.8AI score0.00182EPSS

CVE•added 2021/04/02 6:15 p.m.•92 views

CVE-2021-1747

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing maliciously crafted web content may lead to code execution...

7.8CVSS7.9AI score0.00785EPSS

CVE•added 2021/09/08 3:15 p.m.•92 views

CVE-2021-1843

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8AI score0.00344EPSS

CVE•added 2021/09/08 3:15 p.m.•92 views

CVE-2021-1883

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted server messages may lead to heap corruption.

5.5CVSS5.8AI score0.00994EPSS

CVE•added 2021/10/28 7:15 p.m.•92 views

CVE-2021-30821

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00292EPSS

CVE•added 2022/05/26 7:15 p.m.•92 views

CVE-2022-26715

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges.

9.3CVSS7.7AI score0.00151EPSS

CVE•added 2004/11/23 5:0 a.m.•91 views

CVE-2004-0112

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-b...

5CVSS7.2AI score0.00721EPSS

CVE•added 2017/12/25 9:29 p.m.•91 views

CVE-2017-13855

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted ap...

5.5CVSS4.8AI score0.06249EPSS

CVE•added 2019/12/18 6:15 p.m.•91 views

CVE-2019-8513

This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands.

7.8CVSS7.5AI score0.11275EPSS

CVE•added 2020/10/27 8:15 p.m.•91 views

CVE-2019-8746

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. ...

9.8CVSS8.2AI score0.02306EPSS

CVE•added 2020/10/27 8:15 p.m.•91 views

CVE-2019-8825

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing malic...

8.8CVSS8.4AI score0.00547EPSS

CVE•added 2020/10/27 8:15 p.m.•91 views

CVE-2019-8832

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code w...

9.3CVSS7.6AI score0.00484EPSS

CVE•added 2020/10/27 9:15 p.m.•91 views

CVE-2019-8850

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may disclose res...

5.5CVSS5.8AI score0.00299EPSS

CVE•added 2020/12/08 8:15 p.m.•91 views

CVE-2020-9966

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.2AI score0.00788EPSS

CVE•added 2021/09/08 3:15 p.m.•91 views

CVE-2021-1808

A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to read restricted memory.

7.5CVSS7.2AI score0.00542EPSS

CVE•added 2021/09/08 3:15 p.m.•91 views

CVE-2021-1809

A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to read restricted memory.

7.5CVSS7.2AI score0.00542EPSS

CVE•added 2021/09/08 3:15 p.m.•91 views

CVE-2021-30686

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted audio file may disclose restricted memory.

5.5CVSS5.5AI score0.00296EPSS

CVE•added 2021/09/08 3:15 p.m.•91 views

CVE-2021-30701

This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00727EPSS

CVE•added 2021/09/08 2:15 p.m.•91 views

CVE-2021-30725

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination o...

7.8CVSS8.3AI score0.00406EPSS

CVE•added 2021/10/19 2:15 p.m.•91 views

CVE-2021-30832

A memory corruption issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges.

7.8CVSS6.9AI score0.00067EPSS

CVE•added 2002/08/12 4:0 a.m.•90 views

CVE-2002-0659

The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.

5CVSS8.2AI score0.09539EPSS

CVE•added 2017/12/25 9:29 p.m.•90 views

CVE-2017-13867

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS7.3AI score0.02252EPSS

CVE•added 2018/06/08 6:29 p.m.•90 views

CVE-2018-4193

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS6.9AI score0.18056EPSS

CVE•added 2019/04/03 6:29 p.m.•90 views

CVE-2018-4291

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.

10CVSS7AI score0.00717EPSS

CVE•added 2019/12/18 6:15 p.m.•90 views

CVE-2019-8602

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.

7.8CVSS7.7AI score0.0077EPSS

CVE•added 2019/12/18 6:15 p.m.•90 views

CVE-2019-8784

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges.

9.3CVSS7.9AI score0.00499EPSS

CVE•added 2021/04/02 6:15 p.m.•90 views

CVE-2020-27937

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.0.1. A malicious application may be able to access private information.

5.5CVSS5.2AI score0.00583EPSS

CVE•added 2020/06/09 5:15 p.m.•90 views

CVE-2020-9816

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.

9.3CVSS7.8AI score0.00484EPSS

CVE•added 2020/10/22 6:15 p.m.•90 views

CVE-2020-9875

An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to ...

7.8CVSS8.3AI score0.00344EPSS

CVE•added 2021/09/08 3:15 p.m.•90 views

CVE-2021-1740

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify protected parts of the file system.

5.5CVSS5.5AI score0.00069EPSS

CVE•added 2021/04/02 6:15 p.m.•90 views

CVE-2021-1772

A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted text file may lead to arbitrary code execu...

7.8CVSS7.6AI score0.00683EPSS

CVE•added 2021/09/08 3:15 p.m.•90 views

CVE-2021-30691

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS5.5AI score0.00269EPSS

CVE•added 2021/09/08 3:15 p.m.•90 views

CVE-2021-30704

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.8AI score0.00361EPSS

Total number of security vulnerabilities3225