Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Mac Os X
Total 5290 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-30860 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2021-09-24 6.8 MEDIUM 7.8 HIGH
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
CVE-2019-15166 6 Apple, Debian, Fedoraproject and 3 more 6 Mac Os X, Debian Linux, Fedora and 3 more 2021-09-23 5.0 MEDIUM 7.5 HIGH
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
CVE-2020-8284 6 Apple, Debian, Fedoraproject and 3 more 14 Mac Os X, Macos, Debian Linux and 11 more 2021-09-23 4.3 MEDIUM 3.7 LOW
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.
CVE-2017-11292 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 6.5 MEDIUM 8.8 HIGH
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution.
CVE-2017-11305 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 5.0 MEDIUM 7.5 HIGH
A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data.
CVE-2017-3074 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3099 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3080 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 5.0 MEDIUM 7.5 HIGH
Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure.
CVE-2017-3073 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3106 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 9.3 HIGH 8.8 HIGH
Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3071 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3072 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3085 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 5.0 MEDIUM 7.5 HIGH
Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.
CVE-2017-3100 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 5.0 MEDIUM 7.5 HIGH
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure.
CVE-2016-4171 6 Adobe, Apple, Google and 3 more 12 Flash Player, Flash Player For Linux, Mac Os X and 9 more 2021-09-22 10.0 HIGH 9.8 CRITICAL
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
CVE-2016-4153 6 Adobe, Apple, Google and 3 more 12 Flash Player, Flash Player For Linux, Mac Os X and 9 more 2021-09-22 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4155 6 Adobe, Apple, Google and 3 more 12 Flash Player, Flash Player For Linux, Mac Os X and 9 more 2021-09-22 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4154 6 Adobe, Apple, Google and 3 more 12 Flash Player, Flash Player For Linux, Mac Os X and 9 more 2021-09-22 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2017-3069 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3070 5 Adobe, Apple, Google and 2 more 8 Flash Player, Mac Os X, Macos and 5 more 2021-09-22 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.