Product:

Mac_os_x

(Apple)
Repositories https://github.com/madler/zlib
https://github.com/apache/httpd
https://github.com/file/file
https://github.com/Perl/perl5
https://github.com/openssh/openssh-portable
#Vulnerabilities 3215
Date Id Summary Products Score Patch Annotated
2017-04-01 CVE-2017-2407 An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. Iphone_os, Mac_os_x, Tvos, Watchos 7.8
2017-04-01 CVE-2017-2406 An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. Iphone_os, Mac_os_x, Tvos, Watchos 7.8
2017-04-01 CVE-2017-2403 An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Printing" component. A format-string vulnerability allows remote attackers to execute arbitrary code via a crafted ipp: or ipps: URL. Mac_os_x 8.8
2017-04-01 CVE-2017-2401 An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Iphone_os, Mac_os_x, Tvos, Watchos 7.8
2017-04-01 CVE-2017-2398 An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Iphone_os, Mac_os_x 7.8
2017-04-01 CVE-2017-2388 An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. Mac_os_x 5.5
2017-04-01 CVE-2017-2379 An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Carbon" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted .dfont file. Iphone_os, Mac_os_x, Tvos, Watchos 7.8
2017-02-20 CVE-2017-2370 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app. Iphone_os, Mac_os_x, Tvos, Watchos 7.8
2017-02-20 CVE-2017-2361 An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Help Viewer" component, which allows XSS attacks via a crafted web site. Mac_os_x 6.1
2017-02-20 CVE-2017-2360 An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. Iphone_os, Mac_os_x, Tvos, Watchos, Webkitgtk\+ 7.8