Apple macOS vulnerabilities

3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs

3,139

CISA KEV

actively exploited

Public exploits

277

Exploited in wild

Severity breakdown

CRITICAL302HIGH1409MEDIUM1236LOW192

Vulnerabilities

Page 40 of 157

CVE-2019-8685HIGHCVSS 8.8fixed in 10.14.62019-12-18

CVE-2019-8685 [HIGH] CWE-787 CVE-2019-8685: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8549HIGHCVSS 7.8fixed in 10.14.42019-12-18

CVE-2019-8549 [HIGH] CWE-20 CVE-2019-8549: Multiple input validation issues existed in MIG generated code. These issues were addressed with imp Multiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to execute arbitrary code with system privileges.

nvd

CVE-2019-8595HIGHCVSS 8.8fixed in 10.14.52019-12-18

CVE-2019-8595 [HIGH] CWE-787 CVE-2019-8595: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8801HIGHCVSS 7.8fixed in 10.15.12019-12-18

CVE-2019-8801 [HIGH] CWE-426 CVE-2019-8801: A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searc A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.

nvd

CVE-2019-8603HIGHCVSS 8.8fixed in 10.14.52019-12-18

CVE-2019-8603 [HIGH] CWE-125 CVE-2019-8603: A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Moja A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5. An application may be able to read restricted memory.

nvd

CVE-2019-8683HIGHCVSS 8.8fixed in 10.14.62019-12-18

CVE-2019-8683 [HIGH] CWE-787 CVE-2019-8683: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8797HIGHCVSS 7.8fixed in 10.15.12019-12-18

CVE-2019-8797 [HIGH] CWE-787 CVE-2019-8797: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.

nvd

CVE-2019-8602HIGHCVSS 7.8fixed in 10.14.52019-12-18

CVE-2019-8602 [HIGH] CWE-787 CVE-2019-8602: A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.

nvd

CVE-2019-8788HIGHCVSS 7.5fixed in 10.15.12019-12-18

CVE-2019-8788 [HIGH] CWE-20 CVE-2019-8788: An issue existed in the parsing of URLs. This issue was addressed with improved input validation. Th An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration.

nvd

CVE-2019-8610HIGHCVSS 8.8fixed in 10.14.52019-12-18

CVE-2019-8610 [HIGH] CWE-416 CVE-2019-8610: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8611HIGHCVSS 8.8PoCfixed in 10.14.52019-12-18

CVE-2019-8611 [HIGH] CWE-787 CVE-2019-8611: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8784HIGHCVSS 7.8fixed in 10.15.12019-12-18

CVE-2019-8784 [HIGH] CWE-787 CVE-2019-8784: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges.

nvd

CVE-2019-8577HIGHCVSS 7.8fixed in 10.14.52019-12-18

CVE-2019-8577 [HIGH] CWE-119 CVE-2019-8577: An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12 An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges.

nvd

CVE-2019-8609HIGHCVSS 8.8fixed in 10.14.52019-12-18

CVE-2019-8609 [HIGH] CWE-787 CVE-2019-8609: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-6237HIGHCVSS 8.8fixed in 10.14.52019-12-18

CVE-2019-6237 [HIGH] CWE-787 CVE-2019-6237: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8552HIGHCVSS 7.8fixed in 10.14.42019-12-18

CVE-2019-8552 [HIGH] CWE-665 CVE-2019-8552: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iO A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to elevate privileges.

nvd

CVE-2019-8786HIGHCVSS 7.8fixed in 10.15.12019-12-18

CVE-2019-8786 [HIGH] CWE-787 CVE-2019-8786: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.

nvd

CVE-2019-8629HIGHCVSS 7.8fixed in 10.14.52019-12-18

CVE-2019-8629 [HIGH] CWE-665 CVE-2019-8629: A memory initialization issue was addressed with improved memory handling. This issue is fixed in ma A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges.

nvd

CVE-2019-8601HIGHCVSS 8.8fixed in 10.14.52019-12-18

CVE-2019-8601 [HIGH] CWE-190 CVE-2019-8601: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

CVE-2019-8677HIGHCVSS 8.8fixed in 10.14.62019-12-18

CVE-2019-8677 [HIGH] CWE-787 CVE-2019-8677: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd

← Previous40 / 157Next →