Apple macOS vulnerabilities
3,139 known vulnerabilities affecting apple/mac_os_x.
Total CVEs
3,139
CISA KEV
26
actively exploited
Public exploits
277
Exploited in wild
28
Severity breakdown
CRITICAL302HIGH1409MEDIUM1236LOW192
Vulnerabilities
Page 62 of 157
CVE-2017-7121CRITICALCVSS 9.8≤ 10.12.62017-10-23
CVE-2017-7121 [CRITICAL] CWE-20 CVE-2017-7121: An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involve
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
nvd
CVE-2017-7130CRITICALCVSS 9.8≤ 10.12.62017-10-23
CVE-2017-7130 [CRITICAL] CWE-119 CVE-2017-7130: An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other i
nvd
CVE-2017-7126CRITICALCVSS 9.8≤ 10.12.62017-10-23
CVE-2017-7126 [CRITICAL] CWE-20 CVE-2017-7126: An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involve
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
nvd
CVE-2017-7125CRITICALCVSS 9.8≤ 10.12.62017-10-23
CVE-2017-7125 [CRITICAL] CWE-20 CVE-2017-7125: An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involve
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
nvd
CVE-2017-7129CRITICALCVSS 9.8≤ 10.12.62017-10-23
CVE-2017-7129 [CRITICAL] CWE-119 CVE-2017-7129: An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other i
nvd
CVE-2017-7124CRITICALCVSS 9.8≤ 10.12.62017-10-23
CVE-2017-7124 [CRITICAL] CWE-20 CVE-2017-7124: An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involve
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
nvd
CVE-2017-7123CRITICALCVSS 9.8≤ 10.12.62017-10-23
CVE-2017-7123 [CRITICAL] CWE-20 CVE-2017-7123: An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involve
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
nvd
CVE-2017-7122CRITICALCVSS 9.8≤ 10.12.62017-10-23
CVE-2017-7122 [CRITICAL] CWE-20 CVE-2017-7122: An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involve
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
nvd
CVE-2017-7149HIGHCVSS 7.8≤ 10.132017-10-23
CVE-2017-7149 [HIGH] CVE-2017-7149: An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affecte
An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "StorageKit" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value.
nvd
CVE-2017-7077HIGHCVSS 7.8≤ 10.12.62017-10-23
CVE-2017-7077 [HIGH] CWE-119 CVE-2017-7077: An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involve
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
nvd
CVE-2017-7114HIGHCVSS 7.8≤ 10.12.62017-10-23
CVE-2017-7114 [HIGH] CWE-119 CVE-2017-7114: An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
nvd
CVE-2017-7076HIGHCVSS 7.8≤ 10.12.62017-10-23
CVE-2017-7076 [HIGH] CWE-119 CVE-2017-7076: An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves th
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.
nvd
CVE-2017-7127HIGHCVSS 7.8≤ 10.12.62017-10-23
CVE-2017-7127 [HIGH] CWE-119 CVE-2017-7127: An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. iCloud before 7.0 on Windows is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "SQLite" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (mem
nvd
CVE-2017-7086HIGHCVSS 7.5≤ 10.12.62017-10-23
CVE-2017-7086 [HIGH] CWE-400 CVE-2017-7086: An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a denial of service (resource consumption) via a crafted string that is mishandled by the glob function.
nvd
CVE-2017-7080HIGHCVSS 7.5≤ 10.12.62017-10-23
CVE-2017-7080 [HIGH] CWE-295 CVE-2017-7080: An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended certificate-trust restrictions via a revoked X.509 certificate.
nvd
CVE-2017-7150MEDIUMCVSS 5.5≤ 10.12.62017-10-23
CVE-2017-7150 [MEDIUM] CWE-521 CVE-2017-7150: An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affecte
An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "Security" component. It allows attackers to bypass the keychain access prompt, and consequently extract passwords, via a synthetic click.
nvd
CVE-2017-7083MEDIUMCVSS 4.9≤ 10.12.62017-10-23
CVE-2017-7083 [MEDIUM] CWE-20 CVE-2017-7083: An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "CFNetwork Proxies" component. It allows remote attackers to cause a denial of service.
nvd
CVE-2017-7074MEDIUMCVSS 5.5≤ 10.12.62017-10-23
CVE-2017-7074 [MEDIUM] CWE-20 CVE-2017-7074: An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involve
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "AppSandbox" component. It allows attackers to cause a denial of service via a crafted app.
nvd
CVE-2017-7141MEDIUMCVSS 5.3≤ 10.12.62017-10-23
CVE-2017-7141 [MEDIUM] CWE-200 CVE-2017-7141: An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involve
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Mail" component. It allows remote attackers to bypass an intended off value of the "Load remote content in messages" setting, and consequently discover an e-mail recipient's IP address, via an HTML email message.
nvd
CVE-2017-7119MEDIUMCVSS 5.5≤ 10.12.62017-10-23
CVE-2017-7119 [MEDIUM] CWE-20 CVE-2017-7119: An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involve
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
nvd