Product:

Mac_os_x

(Apple)
Date Id Summary Products Score Patch Annotated
2020-10-27 CVE-2020-9941 This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state. Mac_os_x 7.5
2020-10-22 CVE-2020-9883 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. Icloud, Ipad_os, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos 7.8
2020-10-22 CVE-2020-9876 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. Icloud, Ipad_os, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos 7.8
2007-03-13 CVE-2007-0720 The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. Mac_os_x, Cups N/A
2019-12-11 CVE-2019-14899 A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel. Ipad_os, Iphone_os, Mac_os_x, Tvos, Freebsd, Linux_kernel, Openbsd 7.4
2020-12-08 CVE-2020-9996 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A malicious application may be able to elevate privileges. Ipad_os, Iphone_os, Mac_os_x 7.8
2020-12-08 CVE-2020-9989 The issue was addressed with improved deletion. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0. A local user may be able to discover a user’s deleted messages. Ipad_os, Iphone_os, Mac_os_x, Watchos 5.5
2020-12-08 CVE-2020-9988 The issue was addressed with improved deletion. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A local user may be able to discover a user’s deleted messages. Ipad_os, Iphone_os, Mac_os_x 5.5
2020-12-08 CVE-2020-9977 A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A malicious application may be able to determine a user's open tabs in Safari. Ipad_os, Iphone_os, Mac_os_x 5.5
2020-12-08 CVE-2020-9974 A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to determine kernel memory layout. Ipad_os, Iphone_os, Mac_os_x, Tvos, Watchos 5.5