Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x
(Apple)Repositories |
• https://github.com/madler/zlib
• https://github.com/apache/httpd • https://github.com/file/file • https://github.com/Perl/perl5 • https://github.com/openssh/openssh-portable |
#Vulnerabilities | 3205 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2018-04-03 | CVE-2017-13827 | An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that performs kext loading. | Mac_os_x | 7.8 | ||
2017-11-13 | CVE-2017-13786 | An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It does not properly restrict the DMA mapping time of FileVault decryption buffers, which allows attackers to read cleartext APFS data via a crafted Thunderbolt adapter. | Mac_os_x | 4.6 | ||
2015-04-10 | CVE-2015-1098 | iWork in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file. | Iphone_os, Mac_os_x | N/A | ||
2014-04-22 | CVE-2013-7338 | Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function. | Mac_os_x, Python | N/A | ||
2019-01-11 | CVE-2018-4183 | In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions. | Mac_os_x | 8.2 | ||
2019-01-11 | CVE-2018-4182 | In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS. | Mac_os_x | 8.2 | ||
2019-01-11 | CVE-2018-4181 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. | Mac_os_x, Ubuntu_linux, Debian_linux | 5.5 | ||
2019-01-11 | CVE-2018-4180 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. | Mac_os_x, Ubuntu_linux, Debian_linux | 7.8 | ||
2014-11-18 | CVE-2014-4459 | Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document. | Iphone_os, Itunes, Mac_os_x, Safari, Tvos | N/A | ||
2019-04-03 | CVE-2018-20505 | SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). | Icloud, Iphone_os, Itunes, Mac_os_x, Watchos, Sqlite | 7.5 |