Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x
(Apple)Repositories |
• https://github.com/madler/zlib
• https://github.com/apache/httpd • https://github.com/file/file • https://github.com/Perl/perl5 • https://github.com/openssh/openssh-portable |
#Vulnerabilities | 3208 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2018-12-07 | CVE-2018-18311 | Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Web_gateway, E\-Series_santricity_os_controller, Snap_creator_framework, Snapcenter, Snapdriver, Perl, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openshift_container_platform | 9.8 | ||
2018-12-07 | CVE-2018-18313 | Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. | Mac_os_x, Ubuntu_linux, Debian_linux, E\-Series_santricity_os_controller, Snap_creator_framework, Snapcenter, Snapdrive, Perl, Enterprise_linux | 9.1 | ||
2019-01-11 | CVE-2018-4298 | In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a permissions issue existed in Remote Management. This issue was addressed through improved permission validation. | Apple_tv, Iphone_os, Mac_os_x, Watchos | 9.8 | ||
2019-07-01 | CVE-2019-13118 | In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. | Icloud, Iphone_os, Itunes, Mac_os_x, Macos, Tvos, Ubuntu_linux, Fedora, Active_iq_unified_manager, Cloud_backup, Clustered_data_ontap, E\-Series_performance_analyzer, E\-Series_santricity_management_plug\-Ins, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_web_services, Oncommand_insight, Oncommand_workflow_automation, Ontap_select_deploy_administration_utility, Plug\-In_for_symantec_netbackup, Santricity_unified_manager, Steelstore_cloud_integrated_storage, Leap, Jdk, Libxslt | 5.3 | ||
2019-07-26 | CVE-2019-13565 | An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches,... | Mac_os_x, Ubuntu_linux, Debian_linux, Traffix_signaling_delivery_controller, Openldap, Leap, Blockchain_platform, Solaris, Zfs_storage_appliance_kit | 7.5 | ||
2019-10-03 | CVE-2018-14461 | The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). | Mac_os_x, Debian_linux, Fedora, Leap, Enterprise_linux, Tcpdump | 7.5 | ||
2019-10-03 | CVE-2018-14462 | The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). | Mac_os_x, Debian_linux, Traffix_signaling_delivery_controller, Fedora, Leap, Enterprise_linux, Tcpdump | 7.5 | ||
2019-10-03 | CVE-2018-14463 | The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. | Mac_os_x, Debian_linux, Traffix_signaling_delivery_controller, Fedora, Leap, Enterprise_linux, Tcpdump | 7.5 | ||
2019-10-03 | CVE-2018-14464 | The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). | Mac_os_x, Debian_linux, Fedora, Leap, Enterprise_linux, Tcpdump | 7.5 | ||
2019-10-03 | CVE-2018-14465 | The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | Mac_os_x, Debian_linux, Traffix_signaling_delivery_controller, Fedora, Leap, Enterprise_linux, Tcpdump | 7.5 |