Mac Os X Security Vulnerabilities and Issues — Page 13 of Mac Os X CVE List

Lucene search

AppleMac Os X

3225 matches found

CVE•added 2024/07/29 11:15 p.m.•85 views

CVE-2024-40782

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process cr...

9.8CVSS6AI score0.02112EPSS

CVE•added 2002/08/12 4:0 a.m.•84 views

CVE-2002-0655

OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.

7.5CVSS9.5AI score0.00883EPSS

CVE•added 2006/09/19 9:7 p.m.•84 views

CVE-2006-4887

Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is ...

7.2CVSS6.9AI score0.00068EPSS

CVE•added 2009/08/21 5:30 p.m.•84 views

CVE-2009-2474

neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Ce...

5.8CVSS6AI score0.01808EPSS

CVE•added 2018/03/12 2:29 a.m.•84 views

CVE-2014-8130

The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated ...

6.5CVSS7.2AI score0.02075EPSS

CVE•added 2015/12/15 9:59 p.m.•84 views

CVE-2015-8242

The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.

5.8CVSS6.8AI score0.02566EPSS

CVE•added 2018/06/08 6:29 p.m.•84 views

CVE-2018-4225

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local use...

5.5CVSS5.3AI score0.00046EPSS

CVE•added 2019/04/03 6:29 p.m.•84 views

CVE-2018-4326

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14.

7.8CVSS7.3AI score0.00306EPSS

CVE•added 2019/04/03 6:29 p.m.•84 views

CVE-2018-4399

An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

5.5CVSS6.1AI score0.00296EPSS

CVE•added 2019/04/03 6:29 p.m.•84 views

CVE-2018-4420

A memory corruption issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

9.3CVSS7.2AI score0.00185EPSS

CVE•added 2019/12/18 6:15 p.m.•84 views

CVE-2019-8560

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to read restricted memory.

5.5CVSS5.3AI score0.00269EPSS

CVE•added 2019/12/18 6:15 p.m.•84 views

CVE-2019-8577

An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges.

7.8CVSS7.5AI score0.00244EPSS

CVE•added 2020/10/27 8:15 p.m.•84 views

CVE-2019-8592

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, tvOS 12.3, watchOS 5.2.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Securit...

7.8CVSS8.3AI score0.00433EPSS

CVE•added 2020/10/27 8:15 p.m.•84 views

CVE-2019-8706

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may lead to ...

7.8CVSS8.3AI score0.00485EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2020-29608

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14...

5.5CVSS5.5AI score0.00698EPSS

CVE•added 2020/02/27 9:15 p.m.•84 views

CVE-2020-3872

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to read restricted memory.

5.5CVSS5.1AI score0.00325EPSS

CVE•added 2020/04/01 6:15 p.m.•84 views

CVE-2020-3919

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.6AI score0.00266EPSS

CVE•added 2020/10/22 6:15 p.m.•84 views

CVE-2020-9883

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to ...

7.8CVSS8.3AI score0.01107EPSS

CVE•added 2020/10/16 5:15 p.m.•84 views

CVE-2020-9889

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00447EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1741

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execu...

7.8CVSS8AI score0.00462EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1743

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execu...

7.8CVSS7.6AI score0.00462EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1745

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or ar...

9.3CVSS7.7AI score0.00238EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1750

Multiple issues were addressed with improved logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.0019EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1760

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application could execute arbitrary code leading to co...

5.5CVSS7.1AI score0.00322EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1767

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to heap corruption.

9.3CVSS6.9AI score0.00115EPSS

CVE•added 2021/09/08 3:15 p.m.•84 views

CVE-2021-1834

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to execute arbitrary code with kernel privileges.

10CVSS8.6AI score0.01063EPSS

CVE•added 2021/09/08 3:15 p.m.•84 views

CVE-2021-1840

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A local attacker may be able to elevate their privileges.

7.8CVSS7.6AI score0.00069EPSS

CVE•added 2021/09/08 3:15 p.m.•84 views

CVE-2021-30708

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination or ar...

7.8CVSS8AI score0.00376EPSS

CVE•added 2021/09/08 2:15 p.m.•84 views

CVE-2021-30760

An integer overflow was addressed through improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.

7.8CVSS8.2AI score0.00428EPSS

CVE•added 2021/09/08 2:15 p.m.•84 views

CVE-2021-30777

An injection issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges.

9.3CVSS7.7AI score0.00565EPSS

CVE•added 2021/08/24 7:15 p.m.•84 views

CVE-2021-30876

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process mem...

7.1CVSS6.2AI score0.00364EPSS

CVE•added 2021/08/24 7:15 p.m.•84 views

CVE-2021-30892

An inherited permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to modify protected parts of the file system.

5.5CVSS5.6AI score0.01566EPSS

CVE•added 2022/08/24 8:15 p.m.•84 views

CVE-2022-32813

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. An app with root privileges may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.9AI score0.00082EPSS

CVE•added 2010/03/05 7:30 p.m.•83 views

CVE-2010-0302

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client ...

7.5CVSS7.4AI score0.09847EPSS

CVE•added 2013/09/19 10:27 a.m.•83 views

CVE-2011-2391

The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets.

6.1CVSS4.1AI score0.01129EPSS

CVE•added 2015/11/22 3:59 a.m.•83 views

CVE-2015-7036

The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument.

7.5CVSS6.6AI score0.03068EPSS

CVE•added 2017/11/13 3:29 a.m.•83 views

CVE-2017-13816

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted archive file.

7.8CVSS8.5AI score0.00636EPSS

CVE•added 2018/06/08 6:29 p.m.•83 views

CVE-2018-4193

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS6.9AI score0.18056EPSS

CVE•added 2018/06/08 6:29 p.m.•83 views

CVE-2018-4198

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause a denial of service via a crafted text file...

5.5CVSS5.3AI score0.0046EPSS

CVE•added 2018/06/08 6:29 p.m.•83 views

CVE-2018-4226

5.5CVSS5.3AI score0.00047EPSS

CVE•added 2018/06/08 6:29 p.m.•83 views

CVE-2018-4230

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that triggers a SetAppSupportBits use-after-free because of a race...

7.6CVSS7.3AI score0.02569EPSS

CVE•added 2019/04/03 6:29 p.m.•83 views

CVE-2018-4398

An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8.

7.5CVSS6.9AI score0.00526EPSS

CVE•added 2019/04/03 6:29 p.m.•83 views

CVE-2018-4463

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.

9.3CVSS7.2AI score0.00171EPSS

CVE•added 2019/03/05 4:29 p.m.•83 views

CVE-2019-6221

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges.

7.8CVSS7.1AI score0.00259EPSS

CVE•added 2020/10/27 8:15 p.m.•83 views

CVE-2019-8756

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 ...

9.8CVSS7.9AI score0.01253EPSS

CVE•added 2020/04/01 6:15 p.m.•83 views

CVE-2020-3910

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8CVSS7.7AI score0.01174EPSS

CVE•added 2020/04/01 6:15 p.m.•83 views

CVE-2020-3911

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8CVSS7.7AI score0.01563EPSS

CVE•added 2020/06/09 5:15 p.m.•83 views

CVE-2020-9791

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted audio file may lead to arbitrary code execution.

9.3CVSS7.6AI score0.00633EPSS

CVE•added 2020/06/09 5:15 p.m.•83 views

CVE-2020-9815

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted audio file may lead to arbitrary code execution.

9.3CVSS7.6AI score0.00633EPSS

CVE•added 2020/10/22 6:15 p.m.•83 views

CVE-2020-9873

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to a...

7.8CVSS8.1AI score0.00424EPSS

Total number of security vulnerabilities3225