Mac Os X Security Vulnerabilities and Issues — Page 3 of Mac Os X CVE List

Lucene search

AppleMac Os X

308 matches found

CVE•added 2017/12/25 9:29 p.m.•67 views

CVE-2017-13875

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app.

9.3CVSS7.4AI score0.01266EPSS

CVE•added 2017/04/02 1:59 a.m.•67 views

CVE-2017-2407

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of se...

7.8CVSS8.6AI score0.00596EPSS

CVE•added 2017/04/02 1:59 a.m.•67 views

CVE-2017-2428

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves nghttp2 before 1.17.0 in the "HTTPProtocol" component. It allows remote HTTP/2 servers to have an unspec...

9.8CVSS7.3AI score0.00733EPSS

CVE•added 2017/04/02 1:59 a.m.•67 views

CVE-2017-2451

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows attackers to execute arbitrary code in a privileged context or cause...

9.3CVSS8.1AI score0.00488EPSS

CVE•added 2017/07/20 4:29 p.m.•67 views

CVE-2017-7062

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Contacts" component. A buffer overflow allows remote attackers to execute arbitrary code or c...

9.8CVSS8.6AI score0.02108EPSS

CVE•added 2017/10/23 1:29 a.m.•67 views

CVE-2017-7078

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sensitive information by reading unintended cleartext transmissions.

5.3CVSS5.2AI score0.00208EPSS

CVE•added 2017/11/13 3:29 a.m.•66 views

CVE-2017-13824

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Open Scripting Architecture" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted AppleScript file that is mishandle...

7.8CVSS8.1AI score0.00487EPSS

CVE•added 2017/11/13 3:29 a.m.•66 views

CVE-2017-13840

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

5.5CVSS5.6AI score0.00197EPSS

CVE•added 2017/04/02 1:59 a.m.•66 views

CVE-2017-2432

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of servi...

7.8CVSS8.6AI score0.00905EPSS

CVE•added 2017/04/02 1:59 a.m.•66 views

CVE-2017-2450

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to obtain sensitive information or cause a denial o...

7.1CVSS6.8AI score0.00614EPSS

CVE•added 2017/04/02 1:59 a.m.•66 views

CVE-2017-2461

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (resource consumption)...

7.5CVSS6.9AI score0.02076EPSS

CVE•added 2017/07/20 4:29 p.m.•66 views

CVE-2017-7009

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "IOUSBFamily" component. It allows attackers to execute arbitrary code in a privileged context...

9.3CVSS8.1AI score0.00183EPSS

CVE•added 2017/10/23 1:29 a.m.•66 views

CVE-2017-7150

An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "Security" component. It allows attackers to bypass the keychain access prompt, and consequently extract passwords, via a synthetic click.

5.5CVSS5.2AI score0.00069EPSS

CVE•added 2017/12/27 5:8 p.m.•66 views

CVE-2017-7159

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOAcceleratorFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.4AI score0.00229EPSS

CVE•added 2017/02/20 8:59 a.m.•65 views

CVE-2016-4688

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute ar...

8.8CVSS7.6AI score0.01334EPSS

CVE•added 2017/02/20 8:59 a.m.•65 views

CVE-2016-7620

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOSurface" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.

3.3CVSS3.3AI score0.00144EPSS

CVE•added 2017/11/13 3:29 a.m.•65 views

CVE-2017-13813

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted archive file.

7.8CVSS8.5AI score0.00636EPSS

CVE•added 2017/11/13 3:29 a.m.•65 views

CVE-2017-13841

5.5CVSS5.6AI score0.00197EPSS

CVE•added 2017/04/02 1:59 a.m.•65 views

CVE-2017-2458

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Keyboards" component. A buffer overflow allows attackers to execute arbitrary code in a privileged ...

9.3CVSS7.9AI score0.00701EPSS

CVE•added 2017/04/02 1:59 a.m.•65 views

CVE-2017-2467

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of servi...

7.8CVSS8.6AI score0.00808EPSS

CVE•added 2017/07/20 4:29 p.m.•65 views

CVE-2017-7068

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial...

8.8CVSS8.5AI score0.01802EPSS

CVE•added 2017/10/23 1:29 a.m.•65 views

CVE-2017-7127

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. iCloud before 7.0 on Windows is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "SQLite" component. It allows attackers to execute arbitrary code ...

9.3CVSS8.1AI score0.00172EPSS

CVE•added 2017/02/20 8:59 a.m.•64 views

CVE-2016-7617

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (type confusion) via a crafted app.

9.3CVSS6.8AI score0.02663EPSS

CVE•added 2017/11/13 3:29 a.m.•64 views

CVE-2017-13810

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users to obtain sensitive information by leveraging an error in packet counters.

5.5CVSS5.4AI score0.00059EPSS

CVE•added 2017/11/13 3:29 a.m.•64 views

CVE-2017-13846

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

10CVSS8.8AI score0.01839EPSS

CVE•added 2017/04/02 1:59 a.m.•64 views

CVE-2017-2390

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It allows local users to change arbitrary directory p...

5.5CVSS5.5AI score0.00086EPSS

CVE•added 2017/04/02 1:59 a.m.•64 views

CVE-2017-2489

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app.

5.5CVSS5.2AI score0.01649EPSS

CVE•added 2017/11/13 3:29 a.m.•64 views

CVE-2017-7132

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted Office document.

7.8CVSS8.4AI score0.01103EPSS

CVE•added 2017/11/13 3:29 a.m.•63 views

CVE-2017-13807

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted QuickTime file.

7.8CVSS8.3AI score0.00518EPSS

CVE•added 2017/04/02 1:59 a.m.•63 views

CVE-2017-2439

7.1CVSS6.8AI score0.00614EPSS

CVE•added 2017/05/22 5:29 a.m.•63 views

CVE-2017-2541

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.1AI score0.00402EPSS

CVE•added 2017/10/23 1:29 a.m.•63 views

CVE-2017-7074

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "AppSandbox" component. It allows attackers to cause a denial of service via a crafted app.

5.5CVSS5.7AI score0.00183EPSS

CVE•added 2017/02/20 8:59 a.m.•62 views

CVE-2016-4673

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "CoreGraphics" component. It allows remote attackers to execute arbitrary code or cause a denial o...

7.8CVSS8.1AI score0.00732EPSS

CVE•added 2017/11/13 3:29 a.m.•62 views

CVE-2017-13808

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Remote Management" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.2AI score0.00164EPSS

CVE•added 2017/12/25 9:29 p.m.•62 views

CVE-2017-13848

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.

9.3CVSS7AI score0.00176EPSS

CVE•added 2017/04/02 1:59 a.m.•62 views

CVE-2017-2403

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Printing" component. A format-string vulnerability allows remote attackers to execute arbitrary code via a crafted ipp: or ipps: URL.

8.8CVSS8.5AI score0.01022EPSS

CVE•added 2017/04/02 1:59 a.m.•62 views

CVE-2017-2426

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "iBooks" component. It allows remote attackers to obtain sensitive information from local files via a file: URL in an iBooks file.

4.3CVSS4.5AI score0.00257EPSS

CVE•added 2017/04/02 1:59 a.m.•62 views

CVE-2017-2436

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.1AI score0.00183EPSS

CVE•added 2017/04/02 1:59 a.m.•62 views

CVE-2017-2477

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "libxslt" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

9.8CVSS8.7AI score0.00829EPSS

CVE•added 2017/10/23 1:29 a.m.•62 views

CVE-2017-7124

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

9.8CVSS8.8AI score0.00788EPSS

CVE•added 2017/10/23 1:29 a.m.•62 views

CVE-2017-7141

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Mail" component. It allows remote attackers to bypass an intended off value of the "Load remote content in messages" setting, and consequently discover an e-mail recipient's IP address, via an...

5.3CVSS5.9AI score0.00194EPSS

CVE•added 2017/02/20 8:59 a.m.•61 views

CVE-2016-7657

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app.

4.3CVSS3.4AI score0.00201EPSS

CVE•added 2017/02/20 8:59 a.m.•61 views

CVE-2016-7660

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "syslog" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.

7.8CVSS5.9AI score0.00183EPSS

CVE•added 2017/11/13 3:29 a.m.•61 views

CVE-2017-13786

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It does not properly restrict the DMA mapping time of FileVault decryption buffers, which allows attackers to read cleartext APFS data via a crafted Thunderbolt adapter.

4.6CVSS5AI score0.00072EPSS

CVE•added 2017/11/13 3:29 a.m.•61 views

CVE-2017-13811

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "fsck_msdos" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.2AI score0.00175EPSS

CVE•added 2017/11/13 3:29 a.m.•61 views

CVE-2017-13838

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.1AI score0.00175EPSS

CVE•added 2017/04/02 1:59 a.m.•61 views

CVE-2017-2398

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8AI score0.00173EPSS

CVE•added 2017/04/02 1:59 a.m.•61 views

CVE-2017-2413

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "QuickTime" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted media file.

7.8CVSS8.5AI score0.00542EPSS

CVE•added 2017/10/23 1:29 a.m.•61 views

CVE-2017-7129

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (ap...

9.8CVSS8.6AI score0.01729EPSS

CVE•added 2017/10/23 1:29 a.m.•61 views

CVE-2017-7149

An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "StorageKit" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally se...

7.8CVSS6.6AI score0.00108EPSS

Total number of security vulnerabilities308