Apple macOS vulnerabilities
3,139 known vulnerabilities affecting apple/mac_os_x.
Total CVEs
3,139
CISA KEV
26
actively exploited
Public exploits
277
Exploited in wild
28
Severity breakdown
CRITICAL302HIGH1409MEDIUM1236LOW192
Vulnerabilities
Page 24 of 157
CVE-2019-8547CRITICALCVSS 9.8≥ 10.12.6, < 10.14.5≥ 10.14.3, < 10.14.42020-10-27
CVE-2019-8547 [CRITICAL] CWE-125 CVE-2019-8547: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
nvd
CVE-2019-8716CRITICALCVSS 9.8fixed in 10.15.12020-10-27
CVE-2019-8716 [CRITICAL] CWE-787 CVE-2019-8716: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges.
nvd
CVE-2019-8767CRITICALCVSS 9.8fixed in 10.152020-10-27
CVE-2019-8767 [CRITICAL] CWE-787 CVE-2019-8767: A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS
A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Processing a maliciously crafted string may lead to heap corruption.
nvd
CVE-2019-8531CRITICALCVSS 9.8fixed in 10.14.42020-10-27
CVE-2019-8531 [CRITICAL] CWE-295 CVE-2019-8531: A validation issue existed in Trust Anchor Management. This issue was addressed with improved valida
A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An untrusted radius server certificate may be trusted.
nvd
CVE-2019-8746CRITICALCVSS 9.8fixed in 10.152020-10-27
CVE-2019-8746 [CRITICAL] CWE-125 CVE-2019-8746: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Cat
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. A remote attacker may be able to cause unexpected ap
nvd
CVE-2018-4296CRITICALCVSS 9.8v10.142020-10-27
CVE-2018-4296 [CRITICAL] CVE-2018-4296: This issue is fixed in macOS Mojave 10.14. A permissions issue existed in DiskArbitration. This was
This issue is fixed in macOS Mojave 10.14. A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks.
nvd
CVE-2019-7288CRITICALCVSS 9.8fixed in 10.14.32020-10-27
CVE-2019-7288 [CRITICAL] CVE-2019-7288: The issue was addressed with improved validation on the FaceTime server. This issue is fixed in macO
The issue was addressed with improved validation on the FaceTime server. This issue is fixed in macOS Mojave 10.14.3 Supplemental Update, iOS 12.1.4. A thorough security audit of the FaceTime service uncovered an issue with Live Photos .
nvd
CVE-2019-8756CRITICALCVSS 9.8fixed in 10.152020-10-27
CVE-2019-8756 [CRITICAL] CWE-787 CVE-2019-8756: Multiple memory corruption issues were addressed with improved input validation. This issue is fixed
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2.
nvd
CVE-2020-9866CRITICALCVSS 9.8fixed in 10.15.62020-10-27
CVE-2020-9866 [CRITICAL] CWE-120 CVE-2020-9866: A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A buffer overflow may result in arbitrary code execution.
nvd
CVE-2019-8759HIGHCVSS 7.1fixed in 10.15.12020-10-27
CVE-2019-8759 [HIGH] CWE-125 CVE-2019-8759: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Cata
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A local user may be able to cause unexpected system termination or read kernel memory.
nvd
CVE-2019-8776HIGHCVSS 7.8fixed in 10.152020-10-27
CVE-2019-8776 [HIGH] CWE-787 CVE-2019-8776: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges.
nvd
CVE-2019-8838HIGHCVSS 7.8fixed in 10.15.22020-10-27
CVE-2019-8838 [HIGH] CWE-787 CVE-2019-8838: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2019-8509HIGHCVSS 7.8≥ 10.13.6, < 10.15.12020-10-27
CVE-2019-8509 [HIGH] CVE-2019-8509: This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.1
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A malicious application may be able to elevate privileges.
nvd
CVE-2019-8715HIGHCVSS 7.8fixed in 10.152020-10-27
CVE-2019-8715 [HIGH] CWE-787 CVE-2019-8715: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15, iOS 13. An application may be able to execute arbitrary code with system privileges.
nvd
CVE-2019-8825HIGHCVSS 8.8fixed in 10.15.12020-10-27
CVE-2019-8825 [HIGH] CWE-787 CVE-2019-8825: A memory corruption issue was addressed with improved state management. This issue is fixed in macOS
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code ex
nvd
CVE-2019-8832HIGHCVSS 7.8fixed in 10.15.22020-10-27
CVE-2019-8832 [HIGH] CWE-787 CVE-2019-8832: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with system privileges.
nvd
CVE-2020-9941HIGHCVSS 7.5≥ 10.13, < 10.13.6≥ 10.14, < 10.14.6+3 more2020-10-27
CVE-2020-9941 [HIGH] CVE-2020-9941: This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Securi
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state.
nvd
CVE-2019-8851HIGHCVSS 7.5fixed in 10.15.22020-10-27
CVE-2019-8851 [HIGH] CVE-2019-8851: A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10
A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A Mac may not lock immediately upon wake.
nvd
CVE-2019-8831HIGHCVSS 7.8fixed in 10.15.12020-10-27
CVE-2019-8831 [HIGH] CWE-787 CVE-2019-8831: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. An application may be able to execute arbitrary code with system privileges.
nvd
CVE-2019-8847HIGHCVSS 7.8fixed in 10.15.22020-10-27
CVE-2019-8847 [HIGH] CWE-787 CVE-2019-8847: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges.
nvd