Vulnerabilities (CVE)

Vendor filter

Apple Subscribe

Product filter

Mac Os X Subscribe

Filter

2154 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-4182 1 Apple 1 Mac Os X 2019-10-03 7.2
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.
CVE-2017-7143 1 Apple 1 Mac Os X 2019-10-03 2.1
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Captive Network Assistant" component. It allows remote attackers to discover cleartext passwords in opportunistic circumstances by sniffing...
CVE-2017-7149 1 Apple 1 Mac Os X 2019-10-03 2.1
An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "StorageKit" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility...
CVE-2017-6979 1 Apple 5 Apple Tv, Watchos, Mac Os X and 2 more 2019-10-03 7.6
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "IOSurface" component. A race condition...
CVE-2017-2519 2 Apple, Debian 6 Apple Tv, Watchos, Mac Os X and 3 more 2019-10-03 7.5
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote...
CVE-2018-4131 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 4.3
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log...
CVE-2017-2516 1 Apple 1 Mac Os X 2019-10-03 4.3
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVE-2018-4100 1 Apple 3 Iphone Os, Mac Os X, Watchos 2019-10-03 5.0
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. watchOS before 4.2.2 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to cause a...
CVE-2017-2417 1 Apple 5 Mac Os X, Iphone Os, Apple Tv and 2 more 2019-10-03 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote...
CVE-2018-4173 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 4.3
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Status Bar" component. It allows invisible microphone access via a crafted app.
CVE-2018-5383 2 Apple, Google 3 Iphone Os, Mac Os X, Android 2019-10-03 4.3
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to...
CVE-2017-13837 1 Apple 1 Mac Os X 2019-10-03 5.0
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Installer" component. It does not properly restrict an app's entitlements for accessing the FileVault unlock key.
CVE-2017-2535 1 Apple 1 Mac Os X 2019-10-03 6.8
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Security" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (resource consumption) via a crafted app.
CVE-2017-13871 1 Apple 1 Mac Os X 2019-10-03 5.0
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Mail" component. It allows remote attackers to read cleartext e-mail content (for which S/MIME encryption was intended) by leveraging the...
CVE-2015-1098 1 Apple 2 Mac Os X, Iphone Os 2019-09-27 6.8
iWork in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.
CVE-2008-4211 1 Apple 3 Mac Os X, Iphone Os, Mac Os X Server 2019-09-26 10.0
Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application...
CVE-2016-4448 11 Apple, Slackware, Oracle and 8 more 31 Libxml2, Tvos, Suse Linux Enterprise Software Development Kit and 28 more 2019-09-25 10.0
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
CVE-2018-18313 6 Perl, Canonical, Debian and 3 more 8 Perl, Ubuntu Linux, Debian Linux and 5 more 2019-09-06 6.4
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
CVE-2019-9506 2 Apple, Google 5 Iphone Os, Mac Os X, Tvos and 2 more 2019-08-28 4.8
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB")...
CVE-2013-7338 2 Python, Apple 2 Mac Os X, Python 2019-08-21 7.1
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3)...