Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2021-12-23 CVE-2017-2488 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Apple Remote Desktop
A cryptographic weakness existed in the authentication protocol of Remote Desktop.
network
low complexity
apple CWE-327
7.5
2021-12-23 CVE-2018-4302 NULL Pointer Dereference vulnerability in Apple products
A null pointer dereference was addressed with improved validation.
local
low complexity
apple CWE-476
7.8
2021-12-23 CVE-2018-4478 Improper Privilege Management vulnerability in Apple mac OS X
A validation issue was addressed with improved logic.
low complexity
apple CWE-269
6.8
2021-12-23 CVE-2019-8643 Unspecified vulnerability in Apple mac OS X
CVE-2019-8643: Arun Sharma of VMWare This issue is fixed in macOS Mojave 10.14.
network
low complexity
apple
critical
9.8
2021-12-23 CVE-2019-8702 Exposure of Resource to Wrong Sphere vulnerability in Apple mac OS X
This issue was addressed with a new entitlement.
local
low complexity
apple CWE-668
5.5
2021-12-23 CVE-2019-8703 Unspecified vulnerability in Apple products
This issue was addressed with improved entitlements.
network
low complexity
apple
critical
9.8
2021-12-23 CVE-2020-3886 Use After Free vulnerability in Apple mac OS X
A use after free issue was addressed with improved memory management.
local
low complexity
apple CWE-416
7.8
2021-12-23 CVE-2020-3896 Unspecified vulnerability in Apple mac OS X
This issue was addressed by removing the vulnerable code.
local
low complexity
apple
5.5
2021-12-23 CVE-2021-30767 Unspecified vulnerability in Apple products
A logic issue was addressed with improved state management.
local
low complexity
apple
5.5
2021-12-20 CVE-2021-44224 NULL Pointer Dereference vulnerability in multiple products
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery).
8.2