Mac Os X Security Vulnerabilities and Issues — Mac Os X CVE List

Lucene search

AppleMac Os X

33 matches found

CVE•added 2018/06/07 1:29 p.m.•267 views

CVE-2018-12015

In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

7.5CVSS7.6AI score0.07707EPSS

CVE•added 2018/06/08 6:29 p.m.•150 views

CVE-2018-4202

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "iBooks" component. It allows man-in-the-middle attackers to spoof a password prompt.

5.9CVSS5.4AI score0.00561EPSS

CVE•added 2018/06/08 6:29 p.m.•133 views

CVE-2018-4211

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of ...

7.8CVSS7.4AI score0.00488EPSS

CVE•added 2018/06/08 6:29 p.m.•110 views

CVE-2018-4240

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted messag...

6.5CVSS5.6AI score0.23346EPSS

CVE•added 2018/06/08 6:29 p.m.•109 views

CVE-2018-4206

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Crash Reporter" component. It allows attackers to execute arbitrary co...

7.8CVSS7.5AI score0.11202EPSS

CVE•added 2018/06/08 6:29 p.m.•109 views

CVE-2018-4237

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "libxpc" component. It allows attackers to gain privileges via a crafted app that leverages a logi...

7.8CVSS5.8AI score0.70337EPSS

CVE•added 2018/06/08 6:29 p.m.•107 views

CVE-2018-4227

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Mail" component. It allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration.

7.5CVSS6AI score0.00613EPSS

CVE•added 2018/06/08 6:29 p.m.•105 views

CVE-2018-4241

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary ...

9.3CVSS7AI score0.32986EPSS

CVE•added 2018/06/08 6:29 p.m.•101 views

CVE-2018-4243

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code...

9.3CVSS7AI score0.28347EPSS

CVE•added 2018/06/08 6:29 p.m.•94 views

CVE-2018-4224

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" ...

5.5CVSS5.4AI score0.00044EPSS

CVE•added 2018/06/08 6:29 p.m.•93 views

CVE-2018-4235

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows local users to perform impersonation attacks via an unspecified in...

5.5CVSS5.5AI score0.00181EPSS

CVE•added 2018/06/08 6:29 p.m.•92 views

CVE-2018-4223

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a pe...

5.5CVSS5.3AI score0.00072EPSS

CVE•added 2018/06/08 6:29 p.m.•86 views

CVE-2018-4249

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the "Kernel" component. It allows attackers to ...

9.3CVSS7.2AI score0.00898EPSS

CVE•added 2018/06/08 6:29 p.m.•84 views

CVE-2018-4225

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local use...

5.5CVSS5.3AI score0.00046EPSS

CVE•added 2018/06/08 6:29 p.m.•83 views

CVE-2018-4193

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS6.9AI score0.18056EPSS

CVE•added 2018/06/08 6:29 p.m.•83 views

CVE-2018-4198

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause a denial of service via a crafted text file...

5.5CVSS5.3AI score0.0046EPSS

CVE•added 2018/06/08 6:29 p.m.•83 views

CVE-2018-4226

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local use...

5.5CVSS5.3AI score0.00047EPSS

CVE•added 2018/06/08 6:29 p.m.•83 views

CVE-2018-4230

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that triggers a SetAppSupportBits use-after-free because of a race...

7.6CVSS7.3AI score0.02569EPSS

CVE•added 2018/06/08 6:29 p.m.•75 views

CVE-2018-4187

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to spoof the UI via a crafted URL in a text message.

6.5CVSS5.8AI score0.00866EPSS

CVE•added 2018/06/08 6:29 p.m.•74 views

CVE-2018-4221

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Security" component. It allows web sites to track users by leveraging the transmission of S/MIME client certificates.

7.5CVSS6.1AI score0.00505EPSS

CVE•added 2018/06/08 6:29 p.m.•69 views

CVE-2018-4242

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Hypervisor" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.6AI score0.03987EPSS

CVE•added 2018/06/08 6:29 p.m.•68 views

CVE-2018-4229

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Grand Central Dispatch" component. It allows attackers to bypass a sandbox protection mechanism by leveraging the misparsing of entitlement plists.

10CVSS6.7AI score0.00774EPSS

CVE•added 2018/06/08 6:29 p.m.•64 views

CVE-2018-4141

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

5.5CVSS5.5AI score0.00197EPSS

CVE•added 2018/06/08 6:29 p.m.•53 views

CVE-2018-4196

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a privileged context or obtain sensitive information via a crafted app.

9.3CVSS6.6AI score0.00331EPSS

CVE•added 2018/06/08 6:29 p.m.•52 views

CVE-2018-4184

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Speech" component. It allows attackers to bypass a sandbox protection mechanism to obtain microphone access.

7.5CVSS6.5AI score0.00232EPSS

CVE•added 2018/06/08 6:29 p.m.•51 views

CVE-2018-4159

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Graphics Drivers" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

5.5CVSS5AI score0.00197EPSS

CVE•added 2018/06/08 6:29 p.m.•47 views

CVE-2018-4228

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages a race condition.

7.6CVSS7.2AI score0.00136EPSS

CVE•added 2018/06/08 6:29 p.m.•45 views

CVE-2018-4234

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.6AI score0.00175EPSS

CVE•added 2018/06/08 6:29 p.m.•45 views

CVE-2018-4236

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOGraphics" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.6AI score0.00175EPSS

CVE•added 2018/06/08 6:29 p.m.•44 views

CVE-2018-4251

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Firmware" component. It allows attackers to modify the EFI flash-memory region that a crafted app that has root access.

7.1CVSS5.7AI score0.00142EPSS

CVE•added 2018/06/08 6:29 p.m.•44 views

CVE-2018-4253

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "AMD" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read of kernel memory) via a crafted app.

7.1CVSS5.6AI score0.0015EPSS

CVE•added 2018/06/08 6:29 p.m.•42 views

CVE-2018-4171

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app that leverages device properties.

7.1CVSS4.5AI score0.00188EPSS

CVE•added 2018/06/08 6:29 p.m.•40 views

CVE-2018-4219

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "ATS" component. It allows attackers to gain privileges via a crafted app that leverages type confusion.

7.8CVSS6.6AI score0.00189EPSS