Mac_os_x
(Apple)| Repositories |
•
https://github.com/apache/httpd
• https://github.com/Perl/perl5 • https://github.com/file/file • https://github.com/torvalds/linux • https://github.com/ruby/ruby |
| #Vulnerabilities | 2238 |
| Date | ID | Summary | Products | Score | Patch | |
|---|---|---|---|---|---|---|
| 2019-01-11 | CVE-2018-4183 | In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions. | Mac_os_x | 8.2 | ||
| 2019-01-11 | CVE-2018-4182 | In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS. | Mac_os_x | 8.2 | ||
| 2019-01-11 | CVE-2018-4181 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. | Mac_os_x, Ubuntu_linux, Debian_linux | 5.5 | ||
| 2019-01-11 | CVE-2018-4180 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. | Mac_os_x, Ubuntu_linux, Debian_linux | 7.8 | ||
| 2017-07-13 | CVE-2017-9788 | In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service. | Http_server, Mac_os_x, Debian_linux, Oncommand_unified_manager, Storage_automation_store, Secure_global_desktop, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Jboss_core_services, Jboss_enterprise_application_platform, Jboss_enterprise_web_server | 9.1 | ||
| 2014-07-20 | CVE-2014-0117 | The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header. | Http_server, Mac_os_x | N/A | ||
| 2018-06-07 | CVE-2018-12015 | In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | Mac_os_x, Archive\:\:tar, Ubuntu_linux, Debian_linux, Data_ontap_edge, Oncommand_workflow_automation, Snap_creator_framework, Snapdrive, Perl | 7.5 | ||
| 2018-12-07 | CVE-2018-18311 | Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Web_gateway, E\-Series_santricity_os_controller, Snap_creator_framework, Snapcenter, Snapdriver, Perl, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openshift_container_platform | 9.8 | ||
| 2014-11-18 | CVE-2014-4459 | Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document. | Iphone_os, Itunes, Mac_os_x, Safari, Tvos | N/A | ||
| 2019-04-03 | CVE-2018-20506 | SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346. | Icloud, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos, Leap, Sqlite | 8.1 |