Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x
(Apple)Repositories |
• https://github.com/madler/zlib
• https://github.com/apache/httpd • https://github.com/file/file • https://github.com/Perl/perl5 • https://github.com/openssh/openssh-portable |
#Vulnerabilities | 3205 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-10-22 | CVE-2020-9994 | A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to overwrite arbitrary files. | Ipados, Iphone_os, Mac_os_x, Tvos, Watchos | 7.1 | ||
2020-10-22 | CVE-2020-9985 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. | Ipados, Iphone_os, Mac_os_x, Watchos | 7.8 | ||
2020-10-22 | CVE-2020-9927 | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges. | Mac_os_x | 7.8 | ||
2020-10-22 | CVE-2020-9924 | A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.6. A remote attacker may be able to cause a denial of service. | Mac_os_x | 7.5 | ||
2020-10-22 | CVE-2020-9935 | A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.6. A user may be unexpectedly logged in to another user’s account. | Mac_os_x | 4.3 | ||
2020-10-16 | CVE-2020-9864 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges. | Mac_os_x | 9.8 | ||
2020-10-16 | CVE-2020-9913 | This issue was addressed with improved data protection. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to leak sensitive user information. | Mac_os_x | 5.5 | ||
2009-10-23 | CVE-2009-3767 | libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | Mac_os_x, Fedora, Openldap | N/A | ||
2020-10-16 | CVE-2020-9799 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges. | Mac_os_x | 7.8 | ||
2019-04-03 | CVE-2018-4470 | A privacy issue in the handling of Open Directory records was addressed with improved indexing. This issue affected versions prior to macOS High Sierra 10.13.6. | Mac_os_x | 3.3 |