Mac Os X Security Vulnerabilities and Issues — Mac Os X CVE List

Lucene search

AppleMac Os X

93 matches found

CVE•added 2022/03/14 11:15 a.m.•7647 views

CVE-2022-22720

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

9.8CVSS9.4AI score0.29926EPSS

CVE•added 2022/03/25 9:15 a.m.•3096 views

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

7.5CVSS8.1AI score0.00089EPSS

CVE•added 2022/03/14 11:15 a.m.•2351 views

CVE-2022-22721

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

9.1CVSS9.4AI score0.24863EPSS

CVE•added 2022/03/14 11:15 a.m.•2018 views

CVE-2022-22719

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.

7.5CVSS8.7AI score0.27791EPSS

CVE•added 2022/07/28 2:15 a.m.•1617 views

CVE-2022-2294

Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.3AI score0.02384EPSS

In wild

CVE•added 2022/05/26 6:15 p.m.•1250 views

CVE-2022-22674

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory.

5.5CVSS5.9AI score0.00145EPSS

In wild

CVE•added 2022/05/26 6:15 p.m.•1018 views

CVE-2022-26691

A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.

7.2CVSS6.1AI score0.00011EPSS

CVE•added 2022/02/26 5:15 a.m.•414 views

CVE-2022-23308

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

7.5CVSS7.7AI score0.00046EPSS

CVE•added 2022/02/09 11:15 p.m.•337 views

CVE-2022-0530

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

5.5CVSS5.3AI score0.0012EPSS

CVE•added 2022/02/14 12:15 p.m.•275 views

CVE-2021-45444

In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.

7.8CVSS7.8AI score0.00142EPSS

CVE•added 2022/01/18 4:15 p.m.•228 views

CVE-2022-0261

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

7.8CVSS8.8AI score0.00207EPSS

CVE•added 2022/05/26 7:15 p.m.•200 views

CVE-2022-26722

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges.

9.3CVSS8AI score0.00173EPSS

CVE•added 2022/05/26 8:15 p.m.•198 views

CVE-2022-26751

A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execut...

7.8CVSS8.3AI score0.00627EPSS

CVE•added 2022/09/23 7:15 p.m.•198 views

CVE-2022-32823

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to leak sensitive user information.

5.5CVSS5.6AI score0.00042EPSS

CVE•added 2022/03/18 6:15 p.m.•184 views

CVE-2022-22631

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges.

7.8CVSS7.3AI score0.00147EPSS

CVE•added 2022/05/26 6:15 p.m.•179 views

CVE-2022-22662

A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information.

6.5CVSS6.4AI score0.00201EPSS

CVE•added 2022/01/06 5:15 p.m.•166 views

CVE-2022-0128

vim is vulnerable to Out-of-bounds Read

7.8CVSS7.6AI score0.00239EPSS

CVE•added 2022/03/18 6:15 p.m.•152 views

CVE-2022-22589

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.

6.1CVSS6.2AI score0.00262EPSS

CVE•added 2022/03/18 6:15 p.m.•148 views

CVE-2022-22638

A null pointer dereference was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An attacker in a privileged position may be able to perform a denial of service a...

6.5CVSS6.1AI score0.00276EPSS

CVE•added 2022/11/01 8:15 p.m.•145 views

CVE-2022-32910

A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.

7.5CVSS7.3AI score0.0017EPSS

CVE•added 2022/05/26 8:15 p.m.•143 views

CVE-2022-26770

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.00266EPSS

CVE•added 2022/05/26 7:15 p.m.•141 views

CVE-2022-26727

This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. A malicious application may be able to modify protected parts of the file system.

5.5CVSS5.9AI score0.00169EPSS

CVE•added 2022/09/23 7:15 p.m.•141 views

CVE-2022-32832

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges.

6.7CVSS7.3AI score0.04875EPSS

CVE•added 2022/05/26 7:15 p.m.•129 views

CVE-2022-26726

This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user's screen.

6.5CVSS6.5AI score0.11271EPSS

CVE•added 2022/03/18 6:15 p.m.•124 views

CVE-2022-22665

A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges.

9.3CVSS7.5AI score0.0035EPSS

CVE•added 2022/03/18 6:15 p.m.•123 views

CVE-2022-22617

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges.

7.8CVSS7.6AI score0.0013EPSS

CVE•added 2022/05/26 8:15 p.m.•122 views

CVE-2022-26766

A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation.

5.5CVSS5.7AI score0.03033EPSS

CVE•added 2022/05/26 7:15 p.m.•118 views

CVE-2022-26714

A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.1AI score0.0048EPSS

CVE•added 2022/05/26 6:15 p.m.•117 views

CVE-2022-22616

This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks.

5.5CVSS5.5AI score0.07239EPSS

CVE•added 2022/03/18 6:15 p.m.•116 views

CVE-2022-22627

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memor...

7.1CVSS6.2AI score0.00362EPSS

CVE•added 2022/08/24 8:15 p.m.•115 views

CVE-2022-32839

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app termination or arbitrary code execution.

9.8CVSS8.8AI score0.00935EPSS

CVE•added 2022/08/24 8:15 p.m.•114 views

CVE-2022-32837

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to cause unexpected system termination or write kernel memory.

7.8CVSS7.1AI score0.00045EPSS

CVE•added 2022/03/18 6:15 p.m.•112 views

CVE-2022-22614

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.00277EPSS

CVE•added 2022/05/26 8:15 p.m.•112 views

CVE-2022-26763

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious application may be able to execute arbitrary code with system...

9.3CVSS7.9AI score0.07518EPSS

CVE•added 2022/09/23 7:15 p.m.•110 views

CVE-2022-32847

This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. A remote user may be able to cause unexpected system termination or corrupt kernel memory.

9.1CVSS7.7AI score0.00386EPSS

CVE•added 2022/05/26 8:15 p.m.•109 views

CVE-2022-26755

This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox.

6.3CVSS6.3AI score0.00283EPSS

CVE•added 2022/03/18 6:15 p.m.•108 views

CVE-2022-22613

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privilege...

9.3CVSS7.9AI score0.00193EPSS

CVE•added 2022/05/26 8:15 p.m.•108 views

CVE-2022-26775

An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8CVSS8.9AI score0.01534EPSS

CVE•added 2022/05/26 8:15 p.m.•107 views

CVE-2022-26757

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.04042EPSS

CVE•added 2022/09/23 7:15 p.m.•107 views

CVE-2022-32787

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. Processing maliciously crafted web content may lead to arbitrary code exec...

8.8CVSS8.7AI score0.0013EPSS

CVE•added 2022/05/26 8:15 p.m.•105 views

CVE-2022-26756

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.1AI score0.00292EPSS

CVE•added 2022/09/23 7:15 p.m.•105 views

CVE-2022-32826

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.

7.8CVSS7.4AI score0.00031EPSS

CVE•added 2022/08/24 8:15 p.m.•105 views

CVE-2022-32857

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user’s activi...

4.3CVSS5.3AI score0.00026EPSS

CVE•added 2022/03/18 6:15 p.m.•104 views

CVE-2022-22625

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memo...

7.1CVSS6.2AI score0.00368EPSS

CVE•added 2022/03/18 6:15 p.m.•104 views

CVE-2022-22656

An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen.

3.3CVSS4.6AI score0.00148EPSS

CVE•added 2022/03/18 6:15 p.m.•103 views

CVE-2022-22647

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A person with access to a Mac may be able to bypass Login Window.

4.6CVSS4.9AI score0.00102EPSS

CVE•added 2022/08/24 8:15 p.m.•103 views

CVE-2022-32838

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6. An app may be able to read arbitrary files.

5.5CVSS5.8AI score0.00043EPSS

CVE•added 2022/05/26 8:15 p.m.•102 views

CVE-2022-26748

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.8AI score0.00693EPSS

CVE•added 2022/05/26 8:15 p.m.•102 views

CVE-2022-26761

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.2AI score0.00213EPSS

CVE•added 2022/09/23 7:15 p.m.•102 views

CVE-2022-32842

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. An app may be able to gain elevated privileges.

7.8CVSS7.5AI score0.00034EPSS

Total number of security vulnerabilities93