Macos Security Vulnerabilities and Issues — Page 25 of Macos CVE List

7.8CVSS7AI score0.00352EPSS

CVE-2020-29617

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may le...

CVE•added 2020/06/09 5:15 p.m.•78 views

CVE-2020-9852

An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00533EPSS

7.8CVSS7.6AI score0.00395EPSS

CVE-2020-9956

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted font file may l...

7.8CVSS7AI score0.00232EPSS

CVE-2021-1757

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local attacker may be able to elevate their privileges.

7.8CVSS7.7AI score0.00276EPSS

CVE-2021-1768

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or arb...

5.5CVSS5.6AI score0.00309EPSS

CVE-2021-1778

An out-of-bounds read issue existed in the curl. This issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted ...

CVE•added 2021/09/08 3:15 p.m.•78 views

CVE-2021-1847

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.

7.8CVSS8.4AI score0.00407EPSS

CVE•added 2021/09/08 3:15 p.m.•78 views

CVE-2021-1873

An API issue in Accessibility TCC permissions was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to unexpectedly leak a user's credentials from secure text f...

6.5CVSS6.5AI score0.00308EPSS

CVE•added 2021/09/08 3:15 p.m.•78 views

CVE-2021-30653

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8AI score0.00462EPSS

CVE•added 2021/09/08 2:15 p.m.•78 views

CVE-2021-30728

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.1AI score0.00292EPSS

CVE•added 2021/09/08 2:15 p.m.•78 views

CVE-2021-30796

A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing a maliciously crafted image may lead to a denial of service.

6.5CVSS6.3AI score0.00555EPSS

CVE•added 2021/10/28 7:15 p.m.•78 views

CVE-2021-30824

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00292EPSS

CVE•added 2022/05/26 8:15 p.m.•78 views

CVE-2022-26767

The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.

5.5CVSS6.1AI score0.00127EPSS

CVE•added 2022/08/24 8:15 p.m.•78 views

CVE-2022-32811

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS8.2AI score0.00233EPSS

CVE•added 2023/02/27 8:15 p.m.•78 views

CVE-2022-32900

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to gain elevated privileges.

7.8CVSS6.7AI score0.00029EPSS

CVE•added 2023/02/27 8:15 p.m.•78 views

CVE-2023-23506

A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access user-sensitive data.

5.5CVSS4.4AI score0.00027EPSS

CVE•added 2023/05/08 8:15 p.m.•78 views

CVE-2023-27949

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.

7.8CVSS7.1AI score0.00043EPSS

CVE•added 2023/06/23 6:15 p.m.•78 views

CVE-2023-32422

This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to bypass Privacy preferences.

5.5CVSS5.3AI score0.00167EPSS

CVE•added 2023/09/27 3:19 p.m.•78 views

CVE-2023-41984

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.2AI score0.00047EPSS

8.6CVSS7.3AI score0.00019EPSS

CVE-2024-0258

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

5.9CVSS6.2AI score0.00064EPSS

CVE-2024-23239

A race condition was addressed with improved state handling. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to leak sensitive user information.

9.1CVSS6.4AI score0.00142EPSS

CVE-2024-23255

An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. Photos in the Hidden Photos Album may be viewed without authentication.

8.6CVSS6.3AI score0.00072EPSS

CVE-2024-23278

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to break out of its sandbox.

6.5CVSS6.1AI score0.00175EPSS

CVE-2024-23287

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4. An app may be able to access user-sensitive data.

8.4CVSS6.6AI score0.00034EPSS

CVE-2024-23288

This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to elevate privileges.

CVE•added 2025/03/31 11:15 p.m.•78 views

CVE-2025-24167

This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A download's origin may be incorrectly associated.

9.8CVSS5.9AI score0.00056EPSS

CVE•added 2025/05/12 10:15 p.m.•78 views

CVE-2025-31206

A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.3CVSS5.5AI score0.00112EPSS

CVE•added 2019/04/03 6:29 p.m.•77 views

CVE-2018-4287

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.

10CVSS7AI score0.00717EPSS

CVE•added 2019/04/03 6:29 p.m.•77 views

CVE-2018-4393

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.

9.3CVSS7.5AI score0.00149EPSS

CVE•added 2019/03/04 8:29 p.m.•77 views

CVE-2019-6235

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.

10CVSS7.5AI score0.00813EPSS

CVE•added 2019/12/18 6:15 p.m.•77 views

CVE-2019-8574

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges.

9.3CVSS8AI score0.0036EPSS

CVE•added 2019/12/18 6:15 p.m.•77 views

CVE-2019-8585

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. Processing a maliciously crafted movie file may lead to arbitrary code execution.

8.8CVSS7.8AI score0.00679EPSS

CVE•added 2020/10/27 8:15 p.m.•77 views

CVE-2019-8749

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 ...

9.8CVSS7.9AI score0.01253EPSS

CVE•added 2020/10/27 8:15 p.m.•77 views

CVE-2019-8833

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code...

9.3CVSS7.5AI score0.00484EPSS

5.5CVSS5.5AI score0.00359EPSS

CVE-2020-29610

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted audio file may disclose restricted me...

CVE•added 2020/10/22 6:15 p.m.•77 views

CVE-2020-9772

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A sandboxed process may be able to circumvent sandbox restrictions.

5.5CVSS5.5AI score0.00071EPSS

CVE•added 2020/04/01 6:15 p.m.•77 views

CVE-2020-9785

Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8AI score0.00276EPSS

CVE•added 2020/06/09 5:15 p.m.•77 views

CVE-2020-9797

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to determine another application's memory layout.

5.5CVSS5.4AI score0.00325EPSS

CVE•added 2020/06/09 5:15 p.m.•77 views

CVE-2020-9814

A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00484EPSS

CVE•added 2020/10/22 6:15 p.m.•77 views

CVE-2020-9871

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lea...

7.8CVSS8.2AI score0.00424EPSS

7.8CVSS7.4AI score0.00371EPSS

CVE-2020-9955

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution.

9.3CVSS7.6AI score0.01262EPSS

CVE-2020-9967

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. A remote attacker may be able to ca...

9.3CVSS8.1AI score0.00302EPSS

CVE-2021-1779

A logic error in kext loading was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. An application may be able to execute arbitrary code with system privileges.