Vulnerabilities > Apple > MAC OS X > 10.13
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-13 | CVE-2017-13800 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 9.3 |
| 2017-11-13 | CVE-2017-13799 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 9.3 |
| 2017-11-13 | CVE-2017-13786 | Unspecified vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 2.1 |
| 2017-11-13 | CVE-2017-13782 | Information Exposure vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 5.5 |
| 2017-10-23 | CVE-2017-7149 | Unspecified vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 2.1 |
| 2017-07-13 | CVE-2017-9788 | Improper Input Validation vulnerability in multiple products In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. | 9.1 |
| 2017-07-13 | CVE-2017-11103 | Insufficient Verification of Data Authenticity vulnerability in multiple products Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. | 6.8 |
| 2017-06-20 | CVE-2017-7668 | Out-of-bounds Read vulnerability in multiple products The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. | 7.5 |
| 2017-06-20 | CVE-2017-3167 | Improper Authentication vulnerability in multiple products In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. | 9.8 |
| 2017-05-23 | CVE-2016-9843 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | 9.8 |