Apple macOS vulnerabilities
3,139 known vulnerabilities affecting apple/mac_os_x.
Total CVEs
3,139
CISA KEV
26
actively exploited
Public exploits
277
Exploited in wild
28
Severity breakdown
CRITICAL302HIGH1409MEDIUM1236LOW192
Vulnerabilities
Page 29 of 157
CVE-2020-9908HIGHCVSS 7.1fixed in 10.15.62020-10-22
CVE-2020-9908 [HIGH] CWE-125 CVE-2020-9908: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Cat
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to cause unexpected system termination or read kernel memory.
nvd
CVE-2020-9887HIGHCVSS 7.8≥ 10.13.6, < 10.15.62020-10-22
CVE-2020-9887 [HIGH] CWE-787 CVE-2020-9887: A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. Viewing a maliciously crafted JPEG file may lead to arbitrary code execution.
nvd
CVE-2020-9874HIGHCVSS 7.8fixed in 10.15.62020-10-22
CVE-2020-9874 [HIGH] CWE-787 CVE-2020-9874: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2020-9879HIGHCVSS 7.8fixed in 10.15.62020-10-22
CVE-2020-9879 [HIGH] CWE-787 CVE-2020-9879: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2020-9919HIGHCVSS 7.8fixed in 10.15.62020-10-22
CVE-2020-9919 [HIGH] CWE-787 CVE-2020-9919: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2020-9937HIGHCVSS 7.8fixed in 10.15.62020-10-22
CVE-2020-9937 [HIGH] CWE-787 CVE-2020-9937: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2020-9875HIGHCVSS 7.8fixed in 10.15.62020-10-22
CVE-2020-9875 [HIGH] CWE-190 CVE-2020-9875: An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2020-9871HIGHCVSS 7.8fixed in 10.15.62020-10-22
CVE-2020-9871 [HIGH] CWE-787 CVE-2020-9871: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2020-9779HIGHCVSS 7.1≥ 10.13.6, < 10.15.42020-10-22
CVE-2020-9779 [HIGH] CWE-125 CVE-2020-9779: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Cat
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory.
nvd
CVE-2020-9928HIGHCVSS 7.8fixed in 10.15.62020-10-22
CVE-2020-9928 [HIGH] CWE-787 CVE-2020-9928: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2020-9927HIGHCVSS 7.8fixed in 10.15.62020-10-22
CVE-2020-9927 [HIGH] CWE-787 CVE-2020-9927: A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2020-9881HIGHCVSS 7.8≥ 10.14.6, < 10.15.62020-10-22
CVE-2020-9881 [HIGH] CWE-120 CVE-2020-9881: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
nvd
CVE-2020-9828HIGHCVSS 7.5fixed in 10.15.42020-10-22
CVE-2020-9828 [HIGH] CWE-125 CVE-2020-9828: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Cat
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to leak sensitive user information.
nvd
CVE-2020-9892HIGHCVSS 7.8≥ 10.13.6, < 10.15.62020-10-22
CVE-2020-9892 [HIGH] CWE-787 CVE-2020-9892: Multiple memory corruption issues were addressed with improved state management. This issue is fixed
Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to execute arbitrary code with system privileges.
nvd
CVE-2020-9869HIGHCVSS 7.5fixed in 10.15.62020-10-22
CVE-2020-9869 [HIGH] CWE-787 CVE-2020-9869: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.6. A remote attacker may cause an unexpected application termination.
nvd
CVE-2020-9880HIGHCVSS 7.8≥ 10.14.6, < 10.15.62020-10-22
CVE-2020-9880 [HIGH] CWE-120 CVE-2020-9880: A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and i
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
nvd
CVE-2020-9771HIGHCVSS 7.1fixed in 10.15.42020-10-22
CVE-2020-9771 [HIGH] CVE-2020-9771: This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A us
This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A user may gain access to protected parts of the file system.
nvd
CVE-2020-9984HIGHCVSS 7.8fixed in 10.15.62020-10-22
CVE-2020-9984 [HIGH] CWE-125 CVE-2020-9984: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2020-9924HIGHCVSS 7.5fixed in 10.15.62020-10-22
CVE-2020-9924 [HIGH] CVE-2020-9924: A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10
A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.6. A remote attacker may be able to cause a denial of service.
nvd
CVE-2020-9877HIGHCVSS 7.8fixed in 10.15.62020-10-22
CVE-2020-9877 [HIGH] CWE-125 CVE-2020-9877: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 a
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd