Apple macOS vulnerabilities
3,139 known vulnerabilities affecting apple/mac_os_x.
Total CVEs
3,139
CISA KEV
26
actively exploited
Public exploits
277
Exploited in wild
28
Severity breakdown
CRITICAL302HIGH1409MEDIUM1236LOW192
Vulnerabilities
Page 15 of 157
CVE-2021-30877HIGHCVSS 7.1≥ 10.15, ≤ 10.15.6v10.15.72021-08-24
CVE-2021-30877 [HIGH] CWE-125 CVE-2021-30877: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mont
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.
nvd
CVE-2021-30922HIGHCVSS 7.8≥ 10.15, < 10.15.7v10.15.72021-08-24
CVE-2021-30922 [HIGH] CWE-787 CVE-2021-30922: Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixe
Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2021-30949HIGHCVSS 7.8≥ 10.15, ≤ 10.15.7v10.15.72021-08-24
CVE-2021-30949 [HIGH] CWE-787 CVE-2021-30949: A memory corruption issue was addressed with improved state management. This issue is fixed in macOS
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2021-30857HIGHCVSS 7.0fixed in 10.15.7v10.15.72021-08-24
CVE-2021-30857 [HIGH] CWE-362 CVE-2021-30857: A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-00
A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2021-30942HIGHCVSS 7.8≥ 10.15, < 10.15.7v10.15.72021-08-24
CVE-2021-30942 [HIGH] CWE-787 CVE-2021-30942: Description: A memory corruption issue in the processing of ICC profiles was addressed with improved
Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2021-30880HIGHCVSS 7.1≥ 10.15, ≤ 10.15.6v10.15.72021-08-24
CVE-2021-30880 [HIGH] CWE-125 CVE-2021-30880: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mont
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.
nvd
CVE-2021-30859HIGHCVSS 7.8fixed in 10.15.7v10.15.72021-08-24
CVE-2021-30859 [HIGH] CWE-843 CVE-2021-30859: A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 a
A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2021-30912MEDIUMCVSS 5.5fixed in 10.15.7v10.15.72021-08-24
CVE-2021-30912 [MEDIUM] CWE-281 CVE-2021-30912: The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.
The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may gain access to a user's Keychain items.
nvd
CVE-2021-30963MEDIUMCVSS 5.5≥ 10.15, ≤ 10.15.7v10.15.72021-08-24
CVE-2021-30963 [MEDIUM] CWE-120 CVE-2021-30963: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
nvd
CVE-2021-30855MEDIUMCVSS 5.5fixed in 10.15.7v10.15.72021-08-24
CVE-2021-30855 [MEDIUM] CWE-59 CVE-2021-30855: A validation issue existed in the handling of symlinks. This issue was addressed with improved valid
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. An application may be able to access restricted files.
nvd
CVE-2021-30929MEDIUMCVSS 5.5v10.15.72021-08-24
CVE-2021-30929 [MEDIUM] CWE-787 CVE-2021-30929: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in mac
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may disclose memory contents.
nvd
CVE-2021-30959MEDIUMCVSS 5.5≥ 10.15, ≤ 10.15.7v10.15.72021-08-24
CVE-2021-30959 [MEDIUM] CWE-120 CVE-2021-30959: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
nvd
CVE-2021-30905MEDIUMCVSS 5.5≥ 10.15, < 10.15.7v10.15.72021-08-24
CVE-2021-30905 [MEDIUM] CWE-125 CVE-2021-30905: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 a
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina. Processing a maliciously crafted file may disclose user information.
nvd
CVE-2021-30911MEDIUMCVSS 5.5fixed in 10.15.7v10.15.72021-08-24
CVE-2021-30911 [MEDIUM] CWE-125 CVE-2021-30911: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mont
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, iOS 15.1 and iPadOS 15.1, macOS Big Sur 11.6.1. Processing a maliciously crafted USD file may disclose memory contents.
nvd
CVE-2021-30976MEDIUMCVSS 5.5≥ 10.15, < 10.15.7v10.15.72021-08-24
CVE-2021-30976 [MEDIUM] CVE-2021-30976: A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may bypass Gatekeeper checks.
nvd
CVE-2021-30892MEDIUMCVSS 5.5fixed in 10.15.7v10.15.72021-08-24
CVE-2021-30892 [MEDIUM] CWE-732 CVE-2021-30892: An inherited permissions issue was addressed with additional restrictions. This issue is fixed in ma
An inherited permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to modify protected parts of the file system.
nvd
CVE-2021-30940MEDIUMCVSS 5.5≥ 10.15, < 10.15.7v10.15.72021-08-24
CVE-2021-30940 [MEDIUM] CWE-120 CVE-2021-30940: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mo
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may disclose memory contents.
nvd
CVE-2021-30913MEDIUMCVSS 5.5≥ 10.15, < 10.15.7v10.15.72021-08-24
CVE-2021-30913 [MEDIUM] CVE-2021-30913: The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.
The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. An unprivileged application may be able to edit NVRAM variables.
nvd
CVE-2021-30972MEDIUMCVSS 5.5≥ 10.15, < 10.15.7v10.15.72021-08-24
CVE-2021-30972 [MEDIUM] CWE-863 CVE-2021-30972: This issue was addressed with improved checks. This issue is fixed in Security Update 2022-001 Catal
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-001 Catalina, macOS Big Sur 11.6.3. A malicious application may be able to bypass certain Privacy preferences.
nvd
CVE-2021-30968MEDIUMCVSS 5.5≥ 10.15, < 10.15.7v10.15.72021-08-24
CVE-2021-30968 [MEDIUM] CWE-59 CVE-2021-30968: A validation issue related to hard link behavior was addressed with improved sandbox restrictions. T
A validation issue related to hard link behavior was addressed with improved sandbox restrictions. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to bypass certain Privacy preferences.
nvd