National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:apple:mac_os_x:10.1.4
There are 2,781 matching records.
Displaying matches 441 through 460.
Vuln ID Summary CVSS Severity
CVE-2017-6988

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "802.1X" component. It allows remote attackers to discover the network credentials of arbitrary users by operating a crafted network that requires 802.1X authentication, because EAP-TLS certificate validation mishandles certificate changes.

Published: May 22, 2017; 01:29:03 AM -04:00
V3.0: 5.9 MEDIUM
    V2: 4.3 MEDIUM
CVE-2017-6987

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

Published: May 22, 2017; 01:29:03 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2017-6986

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "iBooks" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (memory corruption) via a crafted app.

Published: May 22, 2017; 01:29:03 AM -04:00
V3.0: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2017-6985

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-6983

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2017-6981

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "iBooks" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that uses symlinks.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-6979

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "IOSurface" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-6978

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-6977

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Speech Framework" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (memory corruption) via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 8.6 HIGH
    V2: 6.8 MEDIUM
CVE-2017-2548

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-2546

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-2545

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "IOGraphics" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-2543

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-2542

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-2541

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-2540

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2017-2537

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: May 22, 2017; 01:29:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-2535

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Security" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (resource consumption) via a crafted app.

Published: May 22, 2017; 01:29:01 AM -04:00
V3.0: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2017-2534

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Speech Framework" component. It allows attackers to conduct sandbox-escape attacks via a crafted app.

Published: May 22, 2017; 01:29:01 AM -04:00
V3.0: 8.6 HIGH
    V2: 6.8 MEDIUM
CVE-2017-2533

An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "DiskArbitration" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

Published: May 22, 2017; 01:29:01 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH