Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x
(Apple)Repositories |
• https://github.com/madler/zlib
• https://github.com/apache/httpd • https://github.com/file/file • https://github.com/Perl/perl5 • https://github.com/openssh/openssh-portable |
#Vulnerabilities | 3205 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2015-11-13 | CVE-2015-8126 | Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Libpng, Leap, Opensuse, Jdk, Jre, Linux, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite, Linux_enterprise_desktop, Linux_enterprise_server | N/A | ||
2014-11-18 | CVE-2014-3620 | cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain. | Mac_os_x, Curl, Libcurl | N/A | ||
2020-10-22 | CVE-2020-9990 | A race condition was addressed with additional validation. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges. | Mac_os_x | 7.8 | ||
2021-09-08 | CVE-2021-30772 | This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to gain root privileges. | Mac_os_x, Macos | 7.8 | ||
2021-10-19 | CVE-2021-30829 | A URI parsing issue was addressed with improved parsing. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to execute arbitrary files. | Mac_os_x, Macos | 7.8 | ||
2020-04-28 | CVE-2020-12243 | In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). | Mac_os_x, Brocade_fabric_operating_system, Ubuntu_linux, Debian_linux, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Steelstore_cloud_integrated_storage, Openldap, Leap, Solaris, Zfs_storage_appliance_kit | 7.5 | ||
2020-04-01 | CVE-2020-9775 | An issue existed in the handling of tabs displaying picture in picture video. The issue was corrected with improved state handling. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user's private browsing activity may be unexpectedly saved in Screen Time. | Ipados, Iphone_os, Mac_os_x | 5.3 | ||
2020-06-09 | CVE-2020-9815 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted audio file may lead to arbitrary code execution. | Ipados, Iphone_os, Mac_os_x, Tvos, Watchos | 7.8 | ||
2020-12-08 | CVE-2020-10016 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. An application may be able to execute arbitrary code with kernel privileges. | Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Watchos | 7.8 | ||
2020-06-09 | CVE-2020-9856 | This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. An application may be able to gain elevated privileges. | Mac_os_x | 5.3 |