Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4676 | 1 Apple | 2 Mac Os X, Safari | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote malicious user obtain sensitive information. | |||||
| CVE-2013-1867 | 1 Apple | 2 Mac Os X, Tokend | 2020-02-03 | 6.3 MEDIUM | 6.1 MEDIUM |
| Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability | |||||
| CVE-2013-1866 | 2 Apple, Opensc Project | 2 Mac Os X, Opensc | 2020-02-03 | 6.3 MEDIUM | 6.1 MEDIUM |
| OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability | |||||
| CVE-2019-8502 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-31 | 4.3 MEDIUM | 3.3 LOW |
| An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization. | |||||
| CVE-2019-8511 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2019-12-31 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges. | |||||
| CVE-2019-8517 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory. | |||||
| CVE-2019-8801 | 1 Apple | 2 Itunes, Mac Os X | 2019-12-30 | 4.4 MEDIUM | 7.8 HIGH |
| A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. | |||||
| CVE-2019-8549 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-30 | 9.3 HIGH | 7.8 HIGH |
| Multiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2019-8540 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-30 | 7.1 HIGH | 5.5 MEDIUM |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. | |||||
| CVE-2019-8529 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-12-30 | 7.2 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-8516 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-30 | 5.0 MEDIUM | 7.5 HIGH |
| A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service. | |||||
| CVE-2019-8527 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-30 | 9.4 HIGH | 9.1 CRITICAL |
| A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. | |||||
| CVE-2019-8542 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-12-30 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges. | |||||
| CVE-2019-8817 | 1 Apple | 1 Mac Os X | 2019-12-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.1. An application may be able to read restricted memory. | |||||
| CVE-2015-1819 | 8 Apple, Canonical, Debian and 5 more | 12 Iphone Os, Mac Os X, Tvos and 9 more | 2019-12-27 | 5.0 MEDIUM | N/A |
| The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. | |||||
| CVE-2015-4024 | 5 Apple, Hp, Oracle and 2 more | 12 Mac Os X, System Management Homepage, Linux and 9 more | 2019-12-27 | 5.0 MEDIUM | N/A |
| Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome. | |||||
| CVE-2019-8519 | 1 Apple | 1 Mac Os X | 2019-12-26 | 2.1 LOW | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. An application may be able to read restricted memory. | |||||
| CVE-2019-8533 | 1 Apple | 1 Mac Os X | 2019-12-26 | 4.6 MEDIUM | 7.8 HIGH |
| A lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave 10.14.4. A Mac may not lock when disconnecting from an external monitor. | |||||
| CVE-2019-8757 | 1 Apple | 1 Mac Os X | 2019-12-26 | 1.9 LOW | 2.5 LOW |
| A race condition existed when reading and writing user preferences. This was addressed with improved state handling. This issue is fixed in macOS Catalina 10.15. The "Share Mac Analytics" setting may not be disabled when a user deselects the switch to share analytics. | |||||
| CVE-2019-8788 | 1 Apple | 3 Ipados, Iphone Os, Mac Os X | 2019-12-26 | 5.0 MEDIUM | 7.5 HIGH |
| An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration. | |||||