Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x
(Apple)| Repositories |
• https://github.com/madler/zlib
• https://github.com/apache/httpd • https://github.com/file/file • https://github.com/Perl/perl5 • https://github.com/openssh/openssh-portable |
| #Vulnerabilities | 3205 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-03-05 | CVE-2019-6210 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to execute arbitrary code with kernel privileges. | Iphone_os, Mac_os_x, Tv_os, Watchos | 7.8 | ||
| 2019-03-05 | CVE-2019-6209 | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout. | Iphone_os, Mac_os_x, Tv_os, Watchos | 5.5 | ||
| 2019-03-05 | CVE-2019-6208 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes. | Iphone_os, Mac_os_x, Tv_os | 5.5 | ||
| 2019-03-05 | CVE-2019-6202 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate privileges. | Iphone_os, Mac_os_x, Watchos | 7.8 | ||
| 2019-03-05 | CVE-2019-6200 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. An attacker in a privileged network position may be able to execute arbitrary code. | Iphone_os, Mac_os_x | 8.8 | ||
| 2018-05-08 | CVE-2018-8897 | A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs),... | Mac_os_x, Ubuntu_linux, Xenserver, Debian_linux, Freebsd, Enterprise_linux_server, Enterprise_linux_workstation, Enterprise_virtualization_manager, Diskstation_manager, Skynas, Xen | 7.8 | ||
| 2018-08-07 | CVE-2018-5383 | Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. | Iphone_os, Mac_os_x, Android | 6.8 | ||
| 2019-04-03 | CVE-2018-4465 | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. | Iphone_os, Mac_os_x | 7.8 | ||
| 2019-04-03 | CVE-2018-4463 | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2. | Mac_os_x | 7.8 | ||
| 2019-04-03 | CVE-2018-4462 | A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.2. | Mac_os_x | 5.5 |