This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Apple First view 1997-08-01
Product Macos Last view 2022-05-26
Version Type Os
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* 605
cpe:2.3:o:apple:macos:8.6:*:*:*:*:*:*:* 604
cpe:2.3:o:apple:macos:8.5:*:*:*:*:*:*:* 604
cpe:2.3:o:apple:macos:9:*:*:*:*:*:*:* 604
cpe:2.3:o:apple:macos:1.0:*:*:*:*:*:*:* 603
cpe:2.3:o:apple:macos:7.5.3:*:*:*:*:*:*:* 603
cpe:2.3:o:apple:macos:7.6.1:*:*:*:*:*:*:* 603
cpe:2.3:o:apple:macos:7.6:*:*:*:*:*:*:* 603
cpe:2.3:o:apple:macos:8.1:*:*:*:*:*:*:* 603
cpe:2.3:o:apple:macos:8.0:*:*:*:*:*:*:* 603
cpe:2.3:o:apple:macos:9.0:*:*:*:*:*:*:* 603
cpe:2.3:o:apple:macos:11.0:*:*:*:*:*:*:* 602
cpe:2.3:o:apple:macos:10.15.7:supplemental_update:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2021-008:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2021-007:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2021-006:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2021-005:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2021-004:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2021-003:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2021-002:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2021-001:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2020-001:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2022-001:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2022-002:*:*:*:*:*:* 588
cpe:2.3:o:apple:macos:10.15.7:security_update_2022-003:*:*:*:*:*:* 586
cpe:2.3:o:apple:macos:10.15.7:*:*:*:*:*:*:* 586
cpe:2.3:o:apple:macos:11.0.1:*:*:*:*:*:*:* 563
cpe:2.3:o:apple:macos:11.1:*:*:*:*:*:*:* 556
cpe:2.3:o:apple:macos:11.1.0:*:*:*:*:*:*:* 524
cpe:2.3:o:apple:macos:11.2:*:*:*:*:*:*:* 469
cpe:2.3:o:apple:macos:11.2.1:*:*:*:*:*:*:* 466
cpe:2.3:o:apple:macos:11.3:*:*:*:*:*:*:* 400
cpe:2.3:o:apple:macos:11.3.1:*:*:*:*:*:*:* 398
cpe:2.3:o:apple:macos:11.4:*:*:*:*:*:*:* 316
cpe:2.3:o:apple:macos:11.5:*:*:*:*:*:*:* 277
cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:* 235
cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:* 222
cpe:2.3:o:apple:macos:12.0.1:*:*:*:*:*:*:* 177

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.8 2022-05-26 CVE-2022-26776

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8 2022-05-26 CVE-2022-26775

An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution.

7.8 2022-05-26 CVE-2022-26772

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26770

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26769

A memory corruption issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26768

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

5.5 2022-05-26 CVE-2022-26767

The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.

5.5 2022-05-26 CVE-2022-26766

A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation.

4.7 2022-05-26 CVE-2022-26765

A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

4.7 2022-05-26 CVE-2022-26764

A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.

7.8 2022-05-26 CVE-2022-26763

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious application may be able to execute arbitrary code with system privileges.

7.8 2022-05-26 CVE-2022-26761

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26757

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26756

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

6.3 2022-05-26 CVE-2022-26755

This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox.

7.8 2022-05-26 CVE-2022-26754

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26753

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26752

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26751

A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8 2022-05-26 CVE-2022-26750

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26749

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

8.8 2022-05-26 CVE-2022-26748

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution.

5.5 2022-05-26 CVE-2022-26746

This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.

5.5 2022-05-26 CVE-2022-26745

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.6. A malicious application may disclose restricted memory.

7 2022-05-26 CVE-2022-26743

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.4. An attacker that has already achieved code execution in macOS Recovery may be able to escalate to kernel privileges.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
26% (112) CWE-787 Out-of-bounds Write
17% (75) CWE-125 Out-of-bounds Read
7% (33) CWE-416 Use After Free
6% (27) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
4% (20) CWE-362 Race Condition
4% (17) CWE-668 Exposure of Resource to Wrong Sphere
3% (15) CWE-269 Improper Privilege Management
3% (15) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
3% (13) CWE-190 Integer Overflow or Wraparound
2% (12) CWE-20 Improper Input Validation
1% (7) CWE-665 Improper Initialization
1% (6) CWE-287 Improper Authentication
1% (6) CWE-200 Information Exposure
1% (6) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (5) CWE-732 Incorrect Permission Assignment for Critical Resource
1% (5) CWE-415 Double Free
1% (5) CWE-276 Incorrect Default Permissions
1% (5) CWE-59 Improper Link Resolution Before File Access ('Link Following')
0% (4) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (3) CWE-617 Reachable Assertion
0% (3) CWE-494 Download of Code Without Integrity Check
0% (3) CWE-281 Improper Preservation of Permissions
0% (2) CWE-476 NULL Pointer Dereference
0% (2) CWE-295 Certificate Issues
0% (2) CWE-191 Integer Underflow (Wrap or Wraparound)

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-56 Removing/short-circuiting 'guard logic'

Open Source Vulnerability Database (OSVDB)

id Description
14742 Apple Mac OS 9 Multiple Users Control Panel Privilege Escalation
9345 System Does Not Present Appropriate Legal Access Message
7036 Apple Mac OS X HTTP GET Request DoS
7034 Mac OS 9 Idle Lock Debugger Password Bypass
7033 Mac OS 9 Idle Lock Password Bypass
6331 Apple PowerBook Mac OS Control Panel Security Physical Bypass
4993 Mac OS Weak Encryption in Users & Groups Data File
1173 Mac OS 9 Open Transport Malformed ICMP Datagram Response DoS
95 Multiple Vendor ICMP netmask Request Information Disclosure
94 Multiple Vendor ICMP timestamp Request Information Disclosure

OpenVAS Exploits

id Description
2011-07-15 Name : ICMP Timestamp Detection
File : nvt/gb_icmp_timestamps.nasl

Snort® IPS/IDS

Date Description
2020-12-05 TRUFFLEHUNTER TALOS-2020-1125 attack attempt
RuleID : 54589 - Type : FILE-OTHER - Revision : 1
2020-12-05 TRUFFLEHUNTER TALOS-2020-1125 attack attempt
RuleID : 54588 - Type : FILE-OTHER - Revision : 1
2020-12-05 TRUFFLEHUNTER TALOS-2020-1120 attack attempt
RuleID : 54520 - Type : FILE-OTHER - Revision : 1
2020-12-05 TRUFFLEHUNTER TALOS-2020-1120 attack attempt
RuleID : 54519 - Type : FILE-OTHER - Revision : 1

Nessus® Vulnerability Scanner

id Description
1999-08-01 Name: It is possible to determine the exact time set on the remote host.
File: icmp_timestamp.nasl - Type: ACT_GATHER_INFO
1999-07-29 Name: The remote host is affected by an information disclosure vulnerability.
File: icmp_mask_req.nasl - Type: ACT_GATHER_INFO