Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-14469 7Apple DebianF5+4 more 7Debian Linux Enterprise LinuxFedora+4 more Nov 21, 2024 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
CVE-2018-14468 7Apple DebianF5+4 more 23Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+20 more Dec 3, 2025 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
CVE-2018-14467 6Apple DebianFedoraproject+3 more 6Debian Linux Enterprise LinuxFedora+3 more Dec 3, 2025 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).
CVE-2018-14466 6Apple DebianFedoraproject+3 more 6Debian Linux Enterprise LinuxFedora+3 more Nov 21, 2024 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().
CVE-2018-14465 7Apple DebianF5+4 more 7Debian Linux Enterprise LinuxFedora+4 more Dec 17, 2025 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
CVE-2018-14464 6Apple DebianFedoraproject+3 more 6Debian Linux Enterprise LinuxFedora+3 more Nov 21, 2024 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().
CVE-2018-14463 7Apple DebianF5+4 more 7Debian Linux Enterprise LinuxFedora+4 more Nov 21, 2024 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.
CVE-2018-14462 7Apple DebianF5+4 more 7Debian Linux Enterprise LinuxFedora+4 more Dec 3, 2025 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().
CVE-2018-14461 6Apple DebianFedoraproject+3 more 6Debian Linux Enterprise LinuxFedora+3 more Dec 3, 2025 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
CVE-2019-9506 7Apple CanonicalDebian+4 more 147Alp Al00b Firmware AndroidAres Al00b Firmware+144 more Nov 21, 2024 Aug 14, 2019 N/A· v4 8.1 HIGH· v3 4.8 MEDIUM· v2 The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-...Show more The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.Show less
CVE-2019-11042 7Apple CanonicalDebian+4 more 7Debian Linux LeapMac Os X+4 more Nov 21, 2024 Aug 9, 2019 N/A· v4 7.1 HIGH· v3 5.8 MEDIUM· v2 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data wh...Show more When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.Show less
CVE-2019-11041 7Apple CanonicalDebian+4 more 7Debian Linux LeapMac Os X+4 more Nov 21, 2024 Aug 9, 2019 N/A· v4 7.1 HIGH· v3 5.8 MEDIUM· v2 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data wh...Show more When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.Show less
CVE-2019-13565 7Apple CanonicalDebian+4 more 9Blockchain Platform Debian LinuxLeap+6 more Nov 21, 2024 Jul 26, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would o...Show more An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.Show less
CVE-2019-13057 7Apple CanonicalDebian+4 more 9Blockchain Platform Debian LinuxLeap+6 more Nov 21, 2024 Jul 26, 2019 N/A· v4 4.9 MEDIUM· v3 3.5 LOW· v2 An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant de...Show more An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)Show less
CVE-2019-13118 7Apple CanonicalFedoraproject+4 more 25Active Iq Unified Manager Cloud BackupClustered Data Ontap+22 more May 28, 2026 Jul 1, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of...Show more In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.Show less
CVE-2018-4470 1Apple 1Mac Os X Nov 21, 2024 Apr 3, 2019 N/A· v4 3.3 LOW· v3 4.3 MEDIUM· v2 A privacy issue in the handling of Open Directory records was addressed with improved indexing. This issue affected versions prior to macOS High Sierra 10.13.6.
CVE-2018-4465 1Apple 2Iphone Os Mac Os X Nov 21, 2024 Apr 3, 2019 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
CVE-2018-4463 1Apple 1Mac Os X Nov 21, 2024 Apr 3, 2019 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.
CVE-2018-4462 1Apple 1Mac Os X Nov 21, 2024 Apr 3, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.2.
CVE-2018-4461 1Apple 4Iphone Os Mac Os XTvos+1 more Nov 21, 2024 Apr 3, 2019 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.

Previous 1...454647...161 Next