Apple macOS vulnerabilities
3,139 known vulnerabilities affecting apple/mac_os_x.
Total CVEs
3,139
CISA KEV
26
actively exploited
Public exploits
277
Exploited in wild
28
Severity breakdown
CRITICAL302HIGH1409MEDIUM1236LOW192
Vulnerabilities
Page 45 of 157
CVE-2019-14899HIGHCVSS 7.4fixed in 10.15.62019-12-11
CVE-2019-14899 [HIGH] CWE-300 CVE-2019-14899: A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a mal
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to in
nvd
CVE-2018-16227HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-16227 [HIGH] CWE-125 CVE-2018-16227: The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.
nvd
CVE-2018-16228HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-16228 [HIGH] CWE-125 CVE-2018-16228: The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().
The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().
nvd
CVE-2018-14469HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14469 [HIGH] CWE-125 CVE-2018-14469: The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
nvd
CVE-2018-14880HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14880 [HIGH] CWE-125 CVE-2018-14880: The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().
nvd
CVE-2018-14467HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14467 [HIGH] CWE-125 CVE-2018-14467: The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print(
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).
nvd
CVE-2018-14882HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14882 [HIGH] CWE-125 CVE-2018-14882: The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.
The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.
nvd
CVE-2018-16230HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-16230 [HIGH] CWE-125 CVE-2018-16230: The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_RE
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).
nvd
CVE-2018-14464HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14464 [HIGH] CWE-125 CVE-2018-14464: The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_sub
The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().
nvd
CVE-2018-14881HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14881 [HIGH] CWE-125 CVE-2018-14881: The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print(
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).
nvd
CVE-2018-14465HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14465 [HIGH] CWE-125 CVE-2018-14465: The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
nvd
CVE-2018-16229HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-16229 [HIGH] CWE-125 CVE-2018-16229: The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
nvd
CVE-2018-14468HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14468 [HIGH] CWE-125 CVE-2018-14468: The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
nvd
CVE-2018-14470HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14470 [HIGH] CWE-125 CVE-2018-14470: The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().
The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().
nvd
CVE-2018-14879HIGHCVSS 7.0fixed in 10.15.22019-10-03
CVE-2018-14879 [HIGH] CWE-120 CVE-2018-14879: The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next
The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().
nvd
CVE-2018-16451HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-16451 [HIGH] CWE-125 CVE-2018-16451: The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILS
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.
nvd
CVE-2018-14461HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14461 [HIGH] CWE-125 CVE-2018-14461: The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
nvd
CVE-2018-14463HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14463 [HIGH] CWE-125 CVE-2018-14463: The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.
nvd
CVE-2019-15166HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2019-15166 [HIGH] CWE-120 CVE-2019-15166: lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
nvd
CVE-2018-14466HIGHCVSS 7.5fixed in 10.15.22019-10-03
CVE-2018-14466 [HIGH] CWE-125 CVE-2018-14466: The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_ca
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().
nvd