Apple macOS vulnerabilities

3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs

3,139

CISA KEV

actively exploited

Public exploits

277

Exploited in wild

Severity breakdown

CRITICAL302HIGH1409MEDIUM1236LOW192

Vulnerabilities

Page 60 of 157

CVE-2017-13832CRITICALCVSS 9.8≤ 10.13.02017-11-13

CVE-2017-13832 [CRITICAL] CVE-2017-13832: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to have an unspecified impact by leveraging TLS 1.0 support.

nvd

CVE-2017-7132HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-7132 [HIGH] CWE-400 CVE-2017-7132: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted Office document.

nvd

CVE-2017-13808HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13808 [HIGH] CWE-119 CVE-2017-13808: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Remote Management" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

nvd

CVE-2017-13829HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13829 [HIGH] CWE-119 CVE-2017-13829: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

nvd

CVE-2017-13814HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13814 [HIGH] CWE-119 CVE-2017-13814: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image file.

nvd

CVE-2017-13811HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13811 [HIGH] CWE-119 CVE-2017-13811: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "fsck_msdos" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

nvd

CVE-2017-13816HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13816 [HIGH] CWE-119 CVE-2017-13816: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted archive file.

nvd

CVE-2017-13809HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13809 [HIGH] CWE-20 CVE-2017-13809: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "AppleScript" component. It allows remote attackers to execute arbitrary code via a crafted AppleScript file that is mishandled by osadecompile.

nvd

CVE-2017-13799HIGHCVSS 7.8fixed in 10.13.12017-11-13

CVE-2017-13799 [HIGH] CWE-119 CVE-2017-13799: An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted a

nvd

CVE-2017-13812HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13812 [HIGH] CWE-119 CVE-2017-13812: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted archive file.

nvd

CVE-2017-13820HIGHCVSS 7.1≤ 10.13.02017-11-13

CVE-2017-13820 [HIGH] CWE-119 CVE-2017-13820: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted font.

nvd

CVE-2017-13825HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13825 [HIGH] CWE-400 CVE-2017-13825: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted font file.

nvd

CVE-2017-13824HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13824 [HIGH] CWE-119 CVE-2017-13824: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Open Scripting Architecture" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted AppleScript file that is mishandled by osadecompile.

nvd

CVE-2017-13800HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13800 [HIGH] CWE-119 CVE-2017-13800: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

nvd

CVE-2017-13831HIGHCVSS 7.1≤ 10.13.02017-11-13

CVE-2017-13831 [HIGH] CWE-200 CVE-2017-13831: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image.

nvd

CVE-2017-13838HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13838 [HIGH] CWE-119 CVE-2017-13838: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

nvd

CVE-2017-13807HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13807 [HIGH] CWE-20 CVE-2017-13807: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted QuickTime file.

nvd

CVE-2017-13833HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13833 [HIGH] CWE-119 CVE-2017-13833: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

nvd

CVE-2017-13843HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13843 [HIGH] CWE-119 CVE-2017-13843: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

nvd

CVE-2017-13834HIGHCVSS 7.8≤ 10.13.02017-11-13

CVE-2017-13834 [HIGH] CWE-119 CVE-2017-13834: An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue invol An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted mach binary.

nvd

← Previous60 / 157Next →