Apple macOS vulnerabilities

3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs: 3,139
CISA KEV: 26 actively exploited
Public exploits: 277
Exploited in wild: 28
Severity breakdown: CRITICAL 302, HIGH 1409, MEDIUM 1236, LOW 192

Vulnerabilities

Page 16 of 157
CVE-2021-30910 | MEDIUM | CVSS 5.5 | fixed in 10.15.7 | v10.15.7 | 2021-08-24
CWE-125: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted file may disclose user information.
nvd
CVE-2021-30931 | MEDIUM | CVSS 5.5 | ≥ 10.15, ≤ 10.15.7 | v10.15.7 | 2021-08-24
A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. A malicious application may be able to disclose kernel memory.
nvd
CVE-2021-30973 | MEDIUM | CVSS 5.5 | ≥ 10.15, ≤ 10.15.7 | v10.15.7 | 2021-08-24
CWE-125: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted file may disclose user information.
nvd
CVE-2021-30941 | MEDIUM | CVSS 5.5 | ≥ 10.15, < 10.15.7 | v10.15.7 | 2021-08-24
CWE-120: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may disclose memory contents.
nvd
CVE-2021-30961 | MEDIUM | CVSS 5.5 | ≥ 10.15, ≤ 10.15.7 | v10.15.7 | 2021-08-24
CWE-120: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
nvd
CVE-2021-30982 | MEDIUM | CVSS 5.9 | ≥ 10.15, < 10.15.7 | v10.15.7 | 2021-08-24
CWE-362: A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A remote attacker may be able to cause unexpected application termination or heap corruption.
nvd
CVE-2021-30950 | MEDIUM | CVSS 5.5 | ≥ 10.15, < 10.15.7 | v10.15.7 | 2021-08-24
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may bypass Gatekeeper checks.
nvd
CVE-2021-30990 | MEDIUM | CVSS 5.5 | ≥ 10.15, < 10.15.7 | v10.15.7 | 2021-08-24
A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may bypass Gatekeeper checks.
nvd
CVE-2021-30965 | MEDIUM | CVSS 6.5 | ≥ 10.15, ≤ 10.15.7 | v10.15.7 | 2021-08-24
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may be able to cause a denial of service to Endpoint Security clients.
nvd
CVE-2021-30915 | LOW | CVSS 2.4 | fixed in 10.15.7 | v10.15.7 | 2021-08-24
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A person with physical access to an iOS device may be able to determine characteristics of a user's password in a secure text entry field.
nvd
CVE-2021-22925 | MEDIUM | CVSS 5.3 | v10.15.7 | 2021-08-05
CWE-200: curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to flaw in the option parser for sending `NEW_ENV` variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server. Therefore potentially revea
nvd
CVE-2020-25709 | HIGH | CVSS 7.5 | ≥ 10.14.0, < 10.14.6 | ≥ 10.15, < 10.15.7 | +2 more | 2021-05-18
CWE-617: A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.
nvd
CVE-2021-1870 | CRITICAL | CVSS 9.8 | KEV | ≥ 10.15, < 10.15.7 | v10.15.7 | 2021-04-02
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
nvd
CVE-2021-1871 | CRITICAL | CVSS 9.8 | KEV | ≥ 10.15, < 10.15.7 | v10.15.7 | 2021-04-02
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
nvd
CVE-2021-1818 | CRITICAL | CVSS 9.8 | ≥ 10.14, < 10.14.6 | ≥ 10.15, < 10.15.7 | +2 more | 2021-04-02
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
nvd
CVE-2021-1738 | HIGH | CVSS 7.8 | ≥ 10.14, < 10.14.6 | ≥ 10.15, < 10.15.7 | +2 more | 2021-04-02
CWE-787: An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2021-1747 | HIGH | CVSS 7.8 | ≥ 10.14, < 10.14.6 | ≥ 10.15, < 10.15.7 | +2 more | 2021-04-02
CWE-787: An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing maliciously crafted web content may lead to code execution.
nvd
CVE-2021-1737 | HIGH | CVSS 7.8 | ≥ 10.14, < 10.14.6 | ≥ 10.15, < 10.15.7 | +2 more | 2021-04-02
CWE-787: An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2021-1788 | HIGH | CVSS 8.8 | ≥ 10.14, < 10.14.6 | ≥ 10.15, < 10.15.7 | +2 more | 2021-04-02
CWE-416: A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2020-27915 | HIGH | CVSS 7.8 | fixed in 11.0.1 | fixed in 11.1.0 | 2021-04-02
CWE-787: A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. A malicious application may be able to execute arbitrary code with system privileges.
nvd