Apple macOS vulnerabilities
3,139 known vulnerabilities affecting apple/mac_os_x.
Total CVEs
3,139
CISA KEV
26
actively exploited
Public exploits
277
Exploited in wild
28
Severity breakdown
CRITICAL302HIGH1409MEDIUM1236LOW192
Vulnerabilities
Page 52 of 157
CVE-2019-6231MEDIUMCVSS 5.5fixed in 10.14.32019-03-05
CVE-2019-6231 [MEDIUM] CWE-125 CVE-2019-6231: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to read restricted memory.
nvd
CVE-2019-6220MEDIUMCVSS 5.5fixed in 10.14.32019-03-05
CVE-2019-6220 [MEDIUM] CWE-125 CVE-2019-6220: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Moj
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.3. An application may be able to read restricted memory.
nvd
CVE-2019-6209MEDIUMCVSS 5.5PoCfixed in 10.14.32019-03-05
CVE-2019-6209 [MEDIUM] CWE-125 CVE-2019-6209: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout.
nvd
CVE-2019-6235CRITICALCVSS 10.0fixed in 10.14.32019-03-04
CVE-2019-6235 [CRITICAL] CWE-787 CVE-2019-6235: A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3,
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.
nvd
CVE-2019-8906MEDIUMCVSS 4.4fixed in 10.14.42019-02-18
CVE-2019-8906 [MEDIUM] CWE-125 CVE-2019-8906: do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is mis
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
nvd
CVE-2018-4258CRITICALCVSS 9.8fixed in 10.13.52019-01-11
CVE-2018-4258 [CRITICAL] CWE-119 CVE-2018-4258: In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved bounds checking.
In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved bounds checking.
nvd
CVE-2018-4254CRITICALCVSS 9.8fixed in 10.13.52019-01-11
CVE-2018-4254 [CRITICAL] CWE-20 CVE-2018-4254: In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue was
In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue was addressed with improved input validation.
nvd
CVE-2018-4257CRITICALCVSS 9.8fixed in 10.13.52019-01-11
CVE-2018-4257 [CRITICAL] CWE-119 CVE-2018-4257: In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved size validation.
In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved size validation.
nvd
CVE-2018-4298CRITICALCVSS 9.8≥ 10.13.0, < 10.13.32019-01-11
CVE-2018-4298 [CRITICAL] CVE-2018-4298: In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 E
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a permissions issue existed in Remote Management. This issue was addressed through improved permission validation.
nvd
CVE-2017-13889CRITICALCVSS 9.8≥ 10.13.0, < 10.13.32019-01-11
CVE-2017-13889 [CRITICAL] CWE-287 CVE-2017-13889: In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 E
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. This was addressed with improved credential validation.
nvd
CVE-2018-4189CRITICALCVSS 9.8≥ 10.13.0, < 10.13.32019-01-11
CVE-2018-4189 [CRITICAL] CWE-119 CVE-2018-4189: In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Securit
In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling.
nvd
CVE-2018-4169CRITICALCVSS 9.8≥ 10.13.0, < 10.13.32019-01-11
CVE-2018-4169 [CRITICAL] CWE-125 CVE-2018-4169: In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 E
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, an out-of-bounds read was addressed with improved input validation.
nvd
CVE-2018-4185HIGHCVSS 7.5fixed in 10.13.42019-01-11
CVE-2018-4185 [HIGH] CWE-200 CVE-2018-4185: In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an i
In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.
nvd
CVE-2018-4217HIGHCVSS 7.5fixed in 10.13.52019-01-11
CVE-2018-4217 [HIGH] CWE-200 CVE-2018-4217: In macOS High Sierra before 10.13.5, a privacy issue in the handling of Open Directory records was a
In macOS High Sierra before 10.13.5, a privacy issue in the handling of Open Directory records was addressed with improved indexing.
nvd
CVE-2018-4194HIGHCVSS 8.8≥ 10.13.0, < 10.13.52019-01-11
CVE-2018-4194 [HIGH] CWE-125 CVE-2018-4194: In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Wi
In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.
nvd
CVE-2018-4183HIGHCVSS 8.2fixed in 10.13.52019-01-11
CVE-2018-4183 [HIGH] CVE-2018-4183: In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restricti
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions.
nvd
CVE-2018-4182HIGHCVSS 8.2fixed in 10.13.52019-01-11
CVE-2018-4182 [HIGH] CVE-2018-4182: In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restricti
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.
nvd
CVE-2018-4277HIGHCVSS 7.5fixed in 10.13.62019-01-11
CVE-2018-4277 [HIGH] CWE-20 CVE-2018-4277: In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sie
In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
nvd
CVE-2018-4180HIGHCVSS 7.8fixed in 10.13.52019-01-11
CVE-2018-4180 [HIGH] CVE-2018-4180: In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improve
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
nvd
CVE-2017-13887HIGHCVSS 7.5fixed in 10.13.22019-01-11
CVE-2017-13887 [HIGH] CWE-320 CVE-2017-13887: In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hiberna
In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management.
nvd