This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Apple First view 1999-05-21
Product Macos Last view 2022-05-26
Version 8.5 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:apple:macos

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.8 2022-05-26 CVE-2022-26776

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8 2022-05-26 CVE-2022-26775

An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution.

7.8 2022-05-26 CVE-2022-26772

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26770

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26769

A memory corruption issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26768

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

5.5 2022-05-26 CVE-2022-26767

The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.

5.5 2022-05-26 CVE-2022-26766

A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation.

4.7 2022-05-26 CVE-2022-26765

A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

4.7 2022-05-26 CVE-2022-26764

A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.

7.8 2022-05-26 CVE-2022-26763

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious application may be able to execute arbitrary code with system privileges.

7.8 2022-05-26 CVE-2022-26761

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26757

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26756

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

6.3 2022-05-26 CVE-2022-26755

This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox.

7.8 2022-05-26 CVE-2022-26754

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26753

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26752

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26751

A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8 2022-05-26 CVE-2022-26750

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26749

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

8.8 2022-05-26 CVE-2022-26748

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution.

5.5 2022-05-26 CVE-2022-26746

This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.

5.5 2022-05-26 CVE-2022-26745

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.6. A malicious application may disclose restricted memory.

7 2022-05-26 CVE-2022-26743

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.4. An attacker that has already achieved code execution in macOS Recovery may be able to escalate to kernel privileges.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
31% (125) CWE-787 Out-of-bounds Write
18% (73) CWE-125 Out-of-bounds Read
8% (33) CWE-416 Use After Free
6% (27) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
4% (20) CWE-362 Race Condition
3% (14) CWE-269 Improper Privilege Management
3% (13) CWE-190 Integer Overflow or Wraparound
1% (8) CWE-665 Improper Initialization
1% (8) CWE-20 Improper Input Validation
1% (7) CWE-668 Exposure of Resource to Wrong Sphere
1% (6) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
1% (6) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (5) CWE-415 Double Free
1% (5) CWE-287 Improper Authentication
1% (5) CWE-276 Incorrect Default Permissions
1% (5) CWE-59 Improper Link Resolution Before File Access ('Link Following')
0% (4) CWE-732 Incorrect Permission Assignment for Critical Resource
0% (4) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (3) CWE-617 Reachable Assertion
0% (3) CWE-476 NULL Pointer Dereference
0% (3) CWE-281 Improper Preservation of Permissions
0% (2) CWE-494 Download of Code Without Integrity Check
0% (2) CWE-295 Certificate Issues
0% (2) CWE-200 Information Exposure
0% (2) CWE-191 Integer Underflow (Wrap or Wraparound)

Open Source Vulnerability Database (OSVDB)

id Description
6331 Apple PowerBook Mac OS Control Panel Security Physical Bypass
4993 Mac OS Weak Encryption in Users & Groups Data File

Snort® IPS/IDS

Date Description
2020-12-05 TRUFFLEHUNTER TALOS-2020-1125 attack attempt
RuleID : 54589 - Type : FILE-OTHER - Revision : 1
2020-12-05 TRUFFLEHUNTER TALOS-2020-1125 attack attempt
RuleID : 54588 - Type : FILE-OTHER - Revision : 1
2020-12-05 TRUFFLEHUNTER TALOS-2020-1120 attack attempt
RuleID : 54520 - Type : FILE-OTHER - Revision : 1
2020-12-05 TRUFFLEHUNTER TALOS-2020-1120 attack attempt
RuleID : 54519 - Type : FILE-OTHER - Revision : 1

Nessus® Vulnerability Scanner

id Description
2018-02-09 Name: An enterprise data warehousing component installed on the remote Linux host i...
File: ibm_netezza_analytics_swg22012645.nasl - Type: ACT_GATHER_INFO
2017-01-12 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201701-21.nasl - Type: ACT_GATHER_INFO