Product:

Mac_os_x

(Apple)
Date Id Summary Products Score Patch Annotated
2020-12-08 CVE-2020-9949 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra, tvOS 14.0. An application may be able to execute arbitrary code with kernel privileges. Ipados, Iphone_os, Mac_os_x, Tvos, Watchos 7.8
2020-12-08 CVE-2020-9963 The issue was addressed with improved handling of icon caches. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A malicious app may be able to determine the existence of files on the computer. Ipados, Iphone_os, Mac_os_x 5.5
2020-12-08 CVE-2020-27932 A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to execute arbitrary code with kernel privileges. Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Macos, Watchos 7.8
2020-12-08 CVE-2020-27930 A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. Processing a maliciously crafted font may lead to arbitrary code execution. Ipados, Iphone_os, Mac_os_x, Macos, Watchos 7.8
2012-07-03 CVE-2012-1148 Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities. Mac_os_x, Libexpat N/A
2012-07-03 CVE-2012-1147 readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files. Mac_os_x, Libexpat N/A
2007-03-13 CVE-2007-0720 The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. Mac_os_x, Cups N/A
2003-06-09 CVE-2003-0242 IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. Mac_os_x N/A
2020-12-08 CVE-2020-9954 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 7.0, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Playing a malicious audio file may lead to arbitrary code execution. Ipados, Iphone_os, Mac_os_x, Tvos, Watchos 7.8
2020-12-08 CVE-2020-9922 A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. Processing a maliciously crafted email may lead to writing arbitrary files. Mac_os_x 6.5