Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Macos
(Apple)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1618 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-10-25 | CVE-2023-40425 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.7.1. An app with root privileges may be able to access private information. | Macos | 4.4 | ||
| 2023-05-26 | CVE-2023-28319 | A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed. | Macos, Curl, Clustered_data_ontap, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Ontap_antivirus_connector | 7.5 | ||
| 2023-05-26 | CVE-2023-28320 | A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave. | Macos, Curl, Clustered_data_ontap, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Ontap_antivirus_connector | 5.9 | ||
| 2023-09-27 | CVE-2023-37448 | A lock screen issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. A user may be able to view restricted content from the lock screen. | Macos | 3.3 | ||
| 2023-09-27 | CVE-2023-38586 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions. | Macos | 10.0 | ||
| 2023-09-27 | CVE-2023-38615 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges. | Macos | 7.8 | ||
| 2023-09-27 | CVE-2023-39233 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may disclose sensitive information. | Macos | 6.5 | ||
| 2023-09-27 | CVE-2023-40386 | A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to access Notes attachments. | Macos | 3.3 | ||
| 2023-09-27 | CVE-2023-40388 | A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. Safari may save photos to an unprotected location. | Macos | 4.3 | ||
| 2023-09-27 | CVE-2023-40402 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data. | Macos | 5.5 |