Apple macOS vulnerabilities

3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs

3,139

CISA KEV

actively exploited

Public exploits

277

Exploited in wild

Severity breakdown

CRITICAL302HIGH1409MEDIUM1236LOW192

Vulnerabilities

Page 20 of 157

CVE-2020-29617HIGHCVSS 7.8≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2020-29617 [HIGH] CWE-125 CVE-2020-29617: An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3 An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to heap corruption.

nvd

CVE-2021-1772HIGHCVSS 7.8≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2021-1772 [HIGH] CWE-787 CVE-2021-1772: A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted text file may lead to arbitrary code execution.

nvd

CVE-2021-1744HIGHCVSS 7.8≥ 10.15, < 10.15.7v10.15.72021-04-02

CVE-2021-1744 [HIGH] CWE-787 CVE-2021-1744: An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Bi An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

nvd

CVE-2021-1751HIGHCVSS 7.8≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2021-1751 [HIGH] CVE-2021-1751: A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11. A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution.

nvd

CVE-2020-29624HIGHCVSS 7.8≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2020-29624 [HIGH] CWE-787 CVE-2020-29624: A memory corruption issue existed in the processing of font files. This issue was addressed with imp A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary cod

nvd

CVE-2020-27897HIGHCVSS 7.8≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2020-27897 [HIGH] CWE-787 CVE-2020-27897: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in mac An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges.

nvd

CVE-2020-9962HIGHCVSS 7.8≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2020-9962 [HIGH] CWE-120 CVE-2020-9962: A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Big Sur A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted image may lead to arbitrary code execution.

nvd

CVE-2021-1743HIGHCVSS 7.8≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2021-1743 [HIGH] CWE-125 CVE-2021-1743: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

nvd

CVE-2021-1758HIGHCVSS 7.8≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2021-1758 [HIGH] CWE-125 CVE-2021-1758: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.

nvd

CVE-2020-29616HIGHCVSS 7.8≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2020-29616 [HIGH] CWE-787 CVE-2020-29616: A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.

nvd

CVE-2020-27919HIGHCVSS 7.8fixed in 11.0.1fixed in 11.1.02021-04-02

CVE-2020-27919 [HIGH] CWE-787 CVE-2020-27919: An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Bi An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution.

nvd

CVE-2020-29618HIGHCVSS 7.8≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2020-29618 [HIGH] CWE-125 CVE-2020-29618: An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3 An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to arbitrary code execution.

nvd

CVE-2021-1797MEDIUMCVSS 5.5fixed in 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2021-1797 [MEDIUM] CVE-2021-1797: The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to read arbitrary files.

nvd

CVE-2020-27937MEDIUMCVSS 5.5fixed in 11.2.0fixed in 11.0.12021-04-02

CVE-2020-27937 [MEDIUM] CVE-2020-27937: A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11. A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.0.1. A malicious application may be able to access private information.

nvd

CVE-2020-29621MEDIUMCVSS 5.5≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2020-29621 [MEDIUM] CWE-862 CVE-2020-29621: This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security U This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to bypass Privacy preferences.

nvd

CVE-2021-1765MEDIUMCVSS 6.5≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2021-1765 [MEDIUM] CVE-2021-1765: This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy.

nvd

CVE-2020-10001MEDIUMCVSS 5.5fixed in 11.1.02021-04-02

CVE-2020-10001 [MEDIUM] CWE-20 CVE-2020-10001: An input validation issue was addressed with improved memory handling. This issue is fixed in macOS An input validation issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to read restricted memory.

nvd

CVE-2020-29615MEDIUMCVSS 5.5≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2020-29615 [MEDIUM] CWE-125 CVE-2020-29615: An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 7 An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted image may lead to a denial of service.

nvd

CVE-2021-1781MEDIUMCVSS 5.5≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2021-1781 [MEDIUM] CVE-2021-1781: A privacy issue existed in the handling of Contact cards. This was addressed with improved state man A privacy issue existed in the handling of Contact cards. This was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A malicious application may be able to leak sensitive user information.

nvd

CVE-2021-1773MEDIUMCVSS 5.5≥ 10.14, < 10.14.6≥ 10.15, < 10.15.7+2 more2021-04-02

CVE-2021-1773 [MEDIUM] CVE-2021-1773: A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11. A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to a denial of service.

nvd

← Previous20 / 157Next →