Macos - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Macos
(Apple)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	1618

Date	Id	Summary	Products	Score	Patch	Annotated
2021-04-02	CVE-2021-1788	A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution.	Ipados, Iphone_os, Mac_os_x, Macos, Safari, Tvos, Watchos, Debian_linux, Fedora	8.8
2021-04-02	CVE-2021-1799	A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on arbitrary servers.	Ipad_os, Iphone_os, Macos, Safari, Tvos, Watchos, Fedora, Webkitgtk	6.5
2021-04-02	CVE-2021-1801	This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy.	Ipad_os, Iphone_os, Macos, Tvos, Watchos, Fedora, Webkitgtk	6.5
2021-04-02	CVE-2021-1844	A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution.	Ipados, Iphone_os, Macos, Safari, Tvos, Watchos, Debian_linux, Fedora	8.8
2021-05-18	CVE-2020-25709	A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.	Mac_os_x, Macos, Debian_linux, Openldap, Jboss_core_services	7.5
2021-08-24	CVE-2021-30851	A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.	Ipados, Iphone_os, Macos, Safari, Tvos, Watchos, Debian_linux, Fedora	8.8
2021-08-24	CVE-2021-30852	A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.	Ipados, Iphone_os, Macos, Tvos, Watchos	8.8
2021-08-24	CVE-2021-30853	This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6. A malicious application may bypass Gatekeeper checks.	Macos	5.5
2021-08-24	CVE-2021-30855	A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. An application may be able to access restricted files.	Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Watchos	5.5
2021-08-24	CVE-2021-30856	This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions. This issue is fixed in macOS Big Sur 11.3. A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences.	Macos	9.1