Total
5524 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-4226 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-03-07 | 2.1 LOW | 5.5 MEDIUM |
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of sensitive user information. | |||||
CVE-2019-6224 | 1 Apple | 4 Iphone Os, Mac Os X, Tv Os and 1 more | 2019-03-06 | 6.8 MEDIUM | 8.8 HIGH |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution. | |||||
CVE-2019-6213 | 1 Apple | 4 Iphone Os, Mac Os X, Tv Os and 1 more | 2019-03-06 | 9.3 HIGH | 7.8 HIGH |
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2019-6209 | 1 Apple | 4 Iphone Os, Mac Os X, Tv Os and 1 more | 2019-03-06 | 4.3 MEDIUM | 5.5 MEDIUM |
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout. | |||||
CVE-2019-6221 | 2 Apple, Microsoft | 4 Iphone Os, Itunes, Mac Os X and 1 more | 2019-03-06 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges. | |||||
CVE-2019-6202 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2019-03-06 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate privileges. | |||||
CVE-2019-6200 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-03-06 | 5.8 MEDIUM | 8.8 HIGH |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. An attacker in a privileged network position may be able to execute arbitrary code. | |||||
CVE-2018-4193 | 1 Apple | 1 Mac Os X | 2019-02-26 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2016-4117 | 5 Adobe, Apple, Google and 2 more | 5 Flash Player, Mac Os X, Chrome Os and 2 more | 2019-02-12 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016. | |||||
CVE-2015-1139 | 1 Apple | 1 Mac Os X | 2019-01-31 | 6.8 MEDIUM | N/A |
ImageIO in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .sgi file. | |||||
CVE-2015-1137 | 1 Apple | 1 Mac Os X | 2019-01-31 | 7.2 HIGH | N/A |
The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via an unspecified IOService userclient type. | |||||
CVE-2015-1136 | 1 Apple | 1 Mac Os X | 2019-01-31 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex. | |||||
CVE-2015-1135 | 1 Apple | 1 Mac Os X | 2019-01-31 | 7.2 HIGH | N/A |
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1134. | |||||
CVE-2015-1134 | 1 Apple | 1 Mac Os X | 2019-01-31 | 7.2 HIGH | N/A |
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1135. | |||||
CVE-2015-1133 | 1 Apple | 1 Mac Os X | 2019-01-31 | 7.2 HIGH | N/A |
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135. | |||||
CVE-2015-1132 | 1 Apple | 1 Mac Os X | 2019-01-31 | 10.0 HIGH | N/A |
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135. | |||||
CVE-2015-1131 | 1 Apple | 1 Mac Os X | 2019-01-31 | 7.2 HIGH | N/A |
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135. | |||||
CVE-2015-1140 | 1 Apple | 1 Mac Os X | 2019-01-31 | 7.2 HIGH | N/A |
Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors. | |||||
CVE-2015-1145 | 1 Apple | 1 Mac Os X | 2019-01-31 | 1.9 LOW | N/A |
The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146. | |||||
CVE-2015-1143 | 1 Apple | 1 Mac Os X | 2019-01-31 | 7.2 HIGH | N/A |
LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue. |