Product:

Mac_os_x

(Apple)
Date Id Summary Products Score Patch Annotated
2019-12-18 CVE-2019-8527 A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. Iphone_os, Mac_os_x, Tvos, Watchos N/A
2019-12-18 CVE-2019-8516 A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service. Iphone_os, Mac_os_x, Tvos, Watchos N/A
2016-03-13 CVE-2016-1950 Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate. Iphone_os, Mac_os_x, Tvos, Watchos, Firefox, Firefox_esr, Network_security_services, Opensuse, Glassfish_server, Iplanet_web_proxy_server, Iplanet_web_server, Linux, Vm_server 8.8
2015-06-09 CVE-2015-4024 Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome. Mac_os_x, System_management_homepage, Linux, Solaris, Php, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation N/A
2015-08-14 CVE-2015-1819 The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Iphone_os, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Fedora, Opensuse, Linux, Solaris, Enterprise_linux, Libxml N/A
2019-12-18 CVE-2019-8803 An authentication issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A local attacker may be able to login to the account of a previously logged in user without valid credentials.. Ipados, Iphone_os, Mac_os_x, Tvos, Watchos N/A
2019-12-18 CVE-2019-8794 A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to read restricted memory. Ipados, Iphone_os, Mac_os_x, Tvos, Watchos N/A
2019-12-18 CVE-2019-8788 An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration. Ipados, Iphone_os, Mac_os_x N/A
2019-12-18 CVE-2019-8757 A race condition existed when reading and writing user preferences. This was addressed with improved state handling. This issue is fixed in macOS Catalina 10.15. The "Share Mac Analytics" setting may not be disabled when a user deselects the switch to share analytics. Mac_os_x N/A
2019-12-18 CVE-2019-8533 A lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave 10.14.4. A Mac may not lock when disconnecting from an external monitor. Mac_os_x N/A