Macos@* Security Vulnerabilities and Issues — Page 7 of Macos@* CVE List

Lucene search

AppleMacos*

2665 matches found

CVE•added 2022/05/26 7:15 p.m.•236 views

CVE-2022-26711

An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8CVSS8.9AI score0.01615EPSS

CVE•added 2022/05/26 8:15 p.m.•236 views

CVE-2022-26776

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8CVSS8.8AI score0.01644EPSS

CVE•added 2022/07/07 1:15 p.m.•236 views

CVE-2022-32205

A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl

4.3CVSS6.2AI score0.00189EPSS

CVE•added 2023/10/25 7:15 p.m.•236 views

CVE-2023-40444

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1. An app may be able to access user-sensitive data.

5.5CVSS5.2AI score0.00031EPSS

CVE•added 2019/12/18 6:15 p.m.•235 views

CVE-2019-8681

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitr...

8.8CVSS8.6AI score0.00816EPSS

CVE•added 2019/12/18 6:15 p.m.•234 views

CVE-2019-8676

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may l...

9.3CVSS8.6AI score0.03566EPSS

CVE•added 2023/05/26 9:15 p.m.•234 views

CVE-2023-28319

A use after free vulnerability exists in curl

7.5CVSS7.3AI score0.0032EPSS

CVE•added 2019/12/18 6:15 p.m.•233 views

CVE-2019-8689

9.3CVSS8.6AI score0.29403EPSS

CVE•added 2022/02/22 8:15 p.m.•233 views

CVE-2022-0714

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.

8.4CVSS7AI score0.00171EPSS

CVE•added 2019/12/18 6:15 p.m.•232 views

CVE-2019-8673

8.8CVSS8.5AI score0.00816EPSS

CVE•added 2021/01/26 6:15 p.m.•232 views

CVE-2020-36223

A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).

7.5CVSS7.3AI score0.06006EPSS

CVE•added 2021/09/08 2:15 p.m.•232 views

CVE-2021-30758

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.01EPSS

CVE•added 2023/02/27 8:15 p.m.•232 views

CVE-2023-23520

A race condition was addressed with additional validation. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may be able to read arbitrary files as root.

5.9CVSS4.8AI score0.00105EPSS

CVE•added 2021/07/20 7:15 a.m.•231 views

CVE-2021-36976

libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).

6.5CVSS6.8AI score0.00106EPSS

CVE•added 2020/10/27 8:15 p.m.•229 views

CVE-2019-8696

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.

8.8CVSS7.7AI score0.01225EPSS

CVE•added 2021/09/08 2:15 p.m.•229 views

CVE-2021-30799

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS8.8AI score0.01039EPSS

CVE•added 2022/03/14 9:15 p.m.•229 views

CVE-2022-0943

Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.

8.4CVSS7.8AI score0.00039EPSS

CVE•added 2022/09/23 7:15 p.m.•229 views

CVE-2022-26700

A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution.

8.8CVSS8.3AI score0.00156EPSS

CVE•added 2022/02/23 2:15 p.m.•228 views

CVE-2022-0729

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.

8.8CVSS8.2AI score0.00318EPSS

CVE•added 2019/12/18 6:15 p.m.•226 views

CVE-2019-8611

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.28043EPSS

CVE•added 2019/12/18 6:15 p.m.•226 views

CVE-2019-8679

8.8CVSS8.5AI score0.00816EPSS

CVE•added 2022/01/18 4:15 p.m.•226 views

CVE-2022-0261

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

7.8CVSS8.8AI score0.00207EPSS

CVE•added 2022/01/26 12:15 p.m.•226 views

CVE-2022-0359

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

7.8CVSS8AI score0.00084EPSS

CVE•added 2021/09/08 3:15 p.m.•225 views

CVE-2021-30689

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS5.9AI score0.00589EPSS

CVE•added 2021/09/08 2:15 p.m.•225 views

CVE-2021-30720

A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers.

5.8CVSS5.7AI score0.00477EPSS

CVE•added 2024/03/05 8:16 p.m.•225 views

CVE-2024-23296

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.

7.8CVSS7AI score0.00085EPSS

CVE•added 2022/05/31 2:15 p.m.•224 views

CVE-2022-1942

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.7AI score0.00932EPSS

CVE•added 2021/01/26 6:15 p.m.•223 views

CVE-2020-36222

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.

7.5CVSS7.3AI score0.35851EPSS

CVE•added 2021/09/08 2:15 p.m.•223 views

CVE-2021-30797

This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.

8.8CVSS8AI score0.01663EPSS

CVE•added 2022/02/14 12:15 p.m.•223 views

CVE-2022-0572

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

8.4CVSS8.2AI score0.01041EPSS

CVE•added 2021/01/26 6:15 p.m.•222 views

CVE-2020-36228

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.

7.5CVSS7.3AI score0.66247EPSS

CVE•added 2020/10/27 8:15 p.m.•220 views

CVE-2019-8675

8.8CVSS7.7AI score0.01225EPSS

CVE•added 2021/09/08 2:15 p.m.•220 views

CVE-2021-30744

Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site sc...

6.1CVSS6.1AI score0.00589EPSS

CVE•added 2019/12/18 6:15 p.m.•219 views

CVE-2019-8683

8.8CVSS8.5AI score0.00825EPSS

CVE•added 2021/01/26 6:15 p.m.•219 views

CVE-2020-36221

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).

7.5CVSS7.4AI score0.47645EPSS

CVE•added 2021/01/26 6:15 p.m.•219 views

CVE-2020-36227

A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.

7.5CVSS7.3AI score0.60342EPSS

CVE•added 2021/12/25 7:15 p.m.•219 views

CVE-2021-4166

vim is vulnerable to Out-of-bounds Read

7.1CVSS8.1AI score0.00224EPSS

CVE•added 2022/01/28 10:15 p.m.•219 views

CVE-2022-0392

Heap-based Buffer Overflow in GitHub repository vim prior to 8.2.

7.8CVSS7.9AI score0.00086EPSS

CVE•added 2022/01/20 6:15 p.m.•219 views

CVE-2022-21658

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::remove_dir_all standard library function is vulnerable a race condition enabling symlink following (CWE-363)....

7.3CVSS6.4AI score0.01107EPSS

CVE•added 2021/01/26 6:15 p.m.•218 views

CVE-2020-36225

A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

7.5CVSS7.3AI score0.00574EPSS

CVE•added 2022/05/27 3:15 p.m.•218 views

CVE-2022-1897

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.

7.8CVSS7.9AI score0.00546EPSS

CVE•added 2019/12/18 6:15 p.m.•217 views

CVE-2019-8644

8.8CVSS8.5AI score0.00816EPSS

CVE•added 2019/12/18 6:15 p.m.•217 views

CVE-2019-8688

9.3CVSS8.6AI score0.04267EPSS

CVE•added 2019/12/18 6:15 p.m.•215 views

CVE-2019-8669

9.3CVSS8.5AI score0.03566EPSS

CVE•added 2019/12/18 6:15 p.m.•215 views

CVE-2019-8684

9.3CVSS8.6AI score0.03566EPSS

CVE•added 2019/12/18 6:15 p.m.•214 views

CVE-2019-8584

8.8CVSS8.5AI score0.00811EPSS

CVE•added 2019/12/18 6:15 p.m.•214 views

CVE-2019-8595

8.8CVSS8.6AI score0.00811EPSS

CVE•added 2019/12/18 6:15 p.m.•214 views

CVE-2019-8615

6.5CVSS7.9AI score0.00728EPSS

CVE•added 2019/12/18 6:15 p.m.•213 views

CVE-2019-8601

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code e...

8.8CVSS8.5AI score0.09556EPSS

CVE•added 2019/12/18 6:15 p.m.•213 views

CVE-2019-8680

8.8CVSS8.5AI score0.00816EPSS

Total number of security vulnerabilities2665