Vulnerabilities (CVE)

Vendor filter: Apple

Product filter: Mac Os X

2151 total CVE
CVE | Vendors | Products | Updated | CVSS
CVE-2018-18313 | 6 Perl, Canonical, Debian and 3 more | 8 Perl, Ubuntu Linux, Debian Linux and 5 more | 2019-09-06 | 6.4
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
CVE-2019-9506 | 2 Apple, Google | 5 Iphone Os, Mac Os X, Tvos and 2 more | 2019-08-28 | 4.8
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB")...
CVE-2013-7338 | 2 Python, Apple | 2 Mac Os X, Python | 2019-08-21 | 7.1
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3)...
CVE-2018-4183 | 1 Apple | 1 Mac Os X | 2019-08-15 | 7.2
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions.
CVE-2018-4182 | 1 Apple | 1 Mac Os X | 2019-08-15 | 7.2
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.
CVE-2018-4181 | 3 Apple, Canonical, Debian | 3 Mac Os X, Ubuntu Linux, Debian Linux | 2019-08-15 | 4.9
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
CVE-2018-4180 | 3 Apple, Canonical, Debian | 3 Mac Os X, Ubuntu Linux, Debian Linux | 2019-08-15 | 4.6
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
CVE-2017-9788 | 6 Apache, Netapp, Oracle and 3 more | 16 Httpd, Http Server, Oncommand Unified Manager and 13 more | 2019-08-15 | 6.4
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an...
CVE-2014-0117 | 2 Apache, Apple | 2 Mac Os X, Http Server | 2019-08-15 | 4.3
The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.
CVE-2018-12015 | 6 Perl, Canonical, Debian and 3 more | 9 Perl, Ubuntu Linux, Debian Linux and 6 more | 2019-08-06 | 6.4
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
CVE-2018-18311 | 7 Perl, Canonical, Debian and 4 more | 17 Perl, Ubuntu Linux, Debian Linux and 14 more | 2019-07-16 | 7.5
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVE-2014-4459 | 1 Apple | 6 Mac Os X, Iphone Os, Safari and 3 more | 2019-07-16 | 6.8
Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
CVE-2018-20506 | 3 Apple, Sqlite, Opensuse | 8 Icloud, Itunes, Sqlite and 5 more | 2019-06-19 | 6.8
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to...
CVE-2018-20505 | 2 Apple, Sqlite | 6 Icloud, Itunes, Sqlite and 3 more | 2019-06-19 | 5.0
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).
CVE-2017-2520 | 2 Apple, Debian | 6 Apple Tv, Watchos, Mac Os X and 3 more | 2019-06-19 | 7.5
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote...
CVE-2017-2519 | 2 Apple, Debian | 6 Apple Tv, Watchos, Mac Os X and 3 more | 2019-06-19 | 7.5
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote...
CVE-2017-2518 | 2 Apple, Debian | 6 Apple Tv, Watchos, Mac Os X and 3 more | 2019-06-19 | 7.5
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote...
CVE-2016-4738 | 2 Apple, Debian | 7 Mac Os X, Iphone Os, Watch Os and 4 more | 2019-06-18 | 9.3
libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2016-4609 | 2 Xmlsoft, Apple | 6 Libxslt, Itunes, Iphone Os and 3 more | 2019-06-18 | 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or...
CVE-2016-4607 | 2 Xmlsoft, Apple | 6 Libxslt, Itunes, Iphone Os and 3 more | 2019-06-18 | 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or...