CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Mac Os X : Security Vulnerabilities Published In 2017 (Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-13883 119 DoS Exec Code Overflow Mem. Corr. 2017-12-25 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
2 CVE-2017-13876 119 DoS Exec Code Overflow Mem. Corr. 2017-12-25 2017-12-28
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
3 CVE-2017-13867 119 DoS Exec Code Overflow Mem. Corr. 2017-12-25 2017-12-28
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
4 CVE-2017-13862 119 DoS Exec Code Overflow Mem. Corr. 2017-12-25 2017-12-28
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
5 CVE-2017-13847 119 DoS Exec Code Overflow Mem. Corr. 2017-12-25 2017-12-28
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
6 CVE-2017-13843 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-28
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
7 CVE-2017-13838 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-28
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
8 CVE-2017-13834 119 DoS Overflow Mem. Corr. 2017-11-12 2017-11-27
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted mach binary.
9 CVE-2017-13833 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-12-25
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
10 CVE-2017-13830 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-27
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
11 CVE-2017-13829 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-27
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
12 CVE-2017-13824 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-27
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Open Scripting Architecture" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted AppleScript file that is mishandled by osadecompile.
13 CVE-2017-13820 119 DoS Overflow Mem. Corr. +Info 2017-11-12 2017-11-27
5.8
None Remote Medium Not required Partial None Partial
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted font.
14 CVE-2017-13816 119 DoS Exec Code Overflow 2017-11-12 2017-11-27
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted archive file.
15 CVE-2017-13814 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-27
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image file.
16 CVE-2017-13813 119 DoS Exec Code Overflow 2017-11-12 2017-11-27
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted archive file.
17 CVE-2017-13812 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-27
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted archive file.
18 CVE-2017-13811 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-27
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "fsck_msdos" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
19 CVE-2017-13808 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-27
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Remote Management" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
20 CVE-2017-13800 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-27
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
21 CVE-2017-13799 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-28
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
22 CVE-2017-7163 119 DoS Exec Code Overflow Mem. Corr. 2017-12-27 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
23 CVE-2017-7162 119 DoS Exec Code Overflow Mem. Corr. 2017-12-27 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
24 CVE-2017-7159 119 DoS Exec Code Overflow Mem. Corr. 2017-12-27 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOAcceleratorFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
25 CVE-2017-7158 119 Overflow 2017-12-27 2017-12-29
6.8
None Remote Low Single system Complete None None
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Screen Sharing Server" component. It allows attackers to obtain root privileges for reading files by leveraging screen-sharing access.
26 CVE-2017-7155 119 DoS Exec Code Overflow Mem. Corr. 2017-12-27 2017-12-29
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
27 CVE-2017-7130 119 DoS Overflow 2017-10-22 2017-10-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
28 CVE-2017-7129 119 DoS Overflow 2017-10-22 2017-10-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
29 CVE-2017-7128 119 DoS Overflow 2017-10-22 2017-10-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
30 CVE-2017-7127 119 DoS Exec Code Overflow Mem. Corr. 2017-10-22 2017-10-27
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. iCloud before 7.0 on Windows is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "SQLite" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
31 CVE-2017-7114 119 DoS Exec Code Overflow Mem. Corr. 2017-10-22 2017-10-26
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
32 CVE-2017-7077 119 DoS Exec Code Overflow Mem. Corr. 2017-10-22 2017-10-26
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
33 CVE-2017-7076 119 DoS Exec Code Overflow Mem. Corr. 2017-10-22 2017-10-26
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file.
34 CVE-2017-7069 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-24
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
35 CVE-2017-7068 119 DoS Exec Code Overflow 2017-07-20 2017-07-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted archive file.
36 CVE-2017-7062 119 DoS Exec Code Overflow 2017-07-20 2017-07-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Contacts" component. A buffer overflow allows remote attackers to execute arbitrary code or cause a denial of service (application crash).
37 CVE-2017-7054 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-21
7.9
None Local Network Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
38 CVE-2017-7051 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-21
7.9
None Local Network Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
39 CVE-2017-7050 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-21
7.9
None Local Network Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
40 CVE-2017-7047 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-08-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
41 CVE-2017-7044 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-24
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
42 CVE-2017-7035 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-24
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
43 CVE-2017-7033 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "afclip" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio file.
44 CVE-2017-7032 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-24
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
45 CVE-2017-7031 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Foundation" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file.
46 CVE-2017-7027 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-24
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
47 CVE-2017-7026 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-24
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
48 CVE-2017-7021 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-24
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "AppleGraphicsPowerManagement" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
49 CVE-2017-7017 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-24
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
50 CVE-2017-7016 119 DoS Exec Code Overflow Mem. Corr. 2017-07-20 2017-07-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "afclip" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio file.
Total number of vulnerabilities : 135   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.