National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:apple:mac_os_x:10.2.7
There are 1,469 matching records.
Displaying matches 121 through 140.
Vuln ID Summary CVSS Severity
CVE-2018-4256

In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.

Published: January 11, 2019; 01:29:02 PM -05:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2018-4255

In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.

Published: January 11, 2019; 01:29:02 PM -05:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2018-4254

In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue was addressed with improved input validation.

Published: January 11, 2019; 01:29:02 PM -05:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2018-4217

In macOS High Sierra before 10.13.5, a privacy issue in the handling of Open Directory records was addressed with improved indexing.

Published: January 11, 2019; 01:29:02 PM -05:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2018-4185

In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.

Published: January 11, 2019; 01:29:01 PM -05:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2018-4183

In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions.

Published: January 11, 2019; 01:29:01 PM -05:00
V3: 8.2 HIGH
V2: 7.2 HIGH
CVE-2018-4182

In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.

Published: January 11, 2019; 01:29:01 PM -05:00
V3: 8.2 HIGH
V2: 7.2 HIGH
CVE-2018-4181

In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.

Published: January 11, 2019; 01:29:01 PM -05:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2018-4180

In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.

Published: January 11, 2019; 01:29:01 PM -05:00
V3: 7.8 HIGH
V2: 4.6 MEDIUM
CVE-2017-13887

In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management.

Published: January 11, 2019; 01:29:00 PM -05:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2017-13886

In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. This issue was addressed with additional restrictions.

Published: January 11, 2019; 01:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.0 MEDIUM
CVE-2018-18313

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.

Published: December 07, 2018; 04:29:00 PM -05:00
V3: 9.1 CRITICAL
V2: 6.4 MEDIUM
CVE-2018-18311

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

Published: December 07, 2018; 04:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-5383

Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.

Published: August 07, 2018; 05:29:00 PM -04:00
V3: 6.8 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-4253

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "AMD" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read of kernel memory) via a crafted app.

Published: June 08, 2018; 02:29:02 PM -04:00
V3: 5.5 MEDIUM
V2: 7.1 HIGH
CVE-2018-4251

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Firmware" component. It allows attackers to modify the EFI flash-memory region that a crafted app that has root access.

Published: June 08, 2018; 02:29:02 PM -04:00
V3: 5.5 MEDIUM
V2: 7.1 HIGH
CVE-2018-4249

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app.

Published: June 08, 2018; 02:29:02 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2018-4243

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app.

Published: June 08, 2018; 02:29:02 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2018-4242

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Hypervisor" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: June 08, 2018; 02:29:02 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2018-4241

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary code in a privileged context via a crafted app.

Published: June 08, 2018; 02:29:02 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH