Mac_os_x - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Mac_os_x
(Apple)

Repositories	• https://github.com/madler/zlib • https://github.com/apache/httpd • https://github.com/file/file • https://github.com/Perl/perl5 • https://github.com/openssh/openssh-portable More/Less (4) • https://github.com/python/cpython • https://github.com/torvalds/linux • https://github.com/ruby/ruby • https://github.com/vadz/libtiff
#Vulnerabilities	3215

Date	Id	Summary	Products	Score	Patch	Annotated
2020-10-27	CVE-2018-4467	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra. A malicious application may be able to elevate privileges.	Mac_os_x	7.8
2020-10-27	CVE-2018-4452	A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra. A malicious application may be able to execute arbitrary code with system privileges.	Mac_os_x	7.8
2020-10-27	CVE-2018-4451	This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation.	Mac_os_x	7.8
2020-10-27	CVE-2018-4391	An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofing.	Iphone_os, Mac_os_x, Watchos	5.5
2020-10-27	CVE-2018-4390	An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofing.	Iphone_os, Mac_os_x, Watchos	5.5
2020-10-27	CVE-2019-8853	A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to read restricted memory.	Mac_os_x	5.5
2020-10-27	CVE-2019-8850	An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may disclose restricted memory.	Ipados, Iphone_os, Mac_os_x, Tvos	5.5
2020-10-27	CVE-2019-8767	A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Processing a maliciously crafted string may lead to heap corruption.	Mac_os_x	9.8
2020-10-27	CVE-2019-8759	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A local user may be able to cause unexpected system termination or read kernel memory.	Mac_os_x	7.1
2020-10-27	CVE-2019-8754	A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. A malicious HTML document may be able to render iframes with sensitive user information.	Mac_os_x	6.5