Product:

Mac_os_x

(Apple)
Repositories https://github.com/madler/zlib
https://github.com/apache/httpd
https://github.com/file/file
https://github.com/Perl/perl5
https://github.com/openssh/openssh-portable
#Vulnerabilities 3215
Date Id Summary Products Score Patch Annotated
2018-04-03 CVE-2017-7002 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Iphone_os, Mac_os_x 8.8
2018-04-03 CVE-2017-7001 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Iphone_os, Mac_os_x 8.8
2018-04-03 CVE-2017-7000 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Iphone_os, Mac_os_x, Chromium, Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 8.8
2017-05-22 CVE-2017-6991 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Iphone_os, Mac_os_x 8.8
2017-05-22 CVE-2017-6988 An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "802.1X" component. It allows remote attackers to discover the network credentials of arbitrary users by operating a crafted network that requires 802.1X authentication, because EAP-TLS certificate validation mishandles certificate changes. Mac_os_x 5.9
2017-05-22 CVE-2017-6987 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Iphone_os, Mac_os_x, Tvos, Watchos 5.5
2017-05-22 CVE-2017-6986 An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "iBooks" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (memory corruption) via a crafted app. Mac_os_x 7.8
2017-05-22 CVE-2017-6985 An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Mac_os_x 7.8
2017-05-22 CVE-2017-6983 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Iphone_os, Mac_os_x 8.8
2017-05-22 CVE-2017-6978 An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Mac_os_x 7.8