Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-2429 | 5.0 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "FinderKit" component. It allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging unexpect
|
24-08-2020 - 17:37 | 02-04-2017 - 01:59 | |
CVE-2017-2402 | 7.5 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of profile uninstall actions in the "MCX Client" component when a profile has multiple payloads. It allows remote attackers to bypass
|
03-10-2019 - 00:03 | 02-04-2017 - 01:59 | |
CVE-2017-2417 | 4.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote attacker
|
03-10-2019 - 00:03 | 02-04-2017 - 01:59 | |
CVE-2017-2381 | 6.5 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "sudo" component. It allows remote authenticated users to gain privileges by leveraging membership in the admin group on a network directory s
|
03-10-2019 - 00:03 | 02-04-2017 - 01:59 | |
CVE-2017-2474 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. An off-by-one error allows atta
|
03-10-2019 - 00:03 | 02-04-2017 - 01:59 | |
CVE-2017-2461 | 5.0 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to
|
03-10-2019 - 00:03 | 02-04-2017 - 01:59 | |
CVE-2017-2390 | 2.1 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It a
|
03-10-2019 - 00:03 | 02-04-2017 - 01:59 | |
CVE-2017-2486 | 4.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site.
|
03-10-2019 - 00:03 | 02-04-2017 - 01:59 | |
CVE-2017-2423 | 7.5 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended access restrictions by leveraging a successfu
|
03-10-2019 - 00:03 | 02-04-2017 - 01:59 | |
CVE-2017-2406 | 6.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2379 | 6.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Carbon" component. It allows remote attackers to e
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2458 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Keyboards" component. A buffer overflow allows att
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2482 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attack
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2448 | 4.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. The issue involves the "Keychain" component. It allows man-in-the-middle attackers to bypass an iCloud Key
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2432 | 6.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2485 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows remote attackers to
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2473 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2450 | 5.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2439 | 5.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2472 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2451 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows attackers to execut
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2441 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "libc++abi" component. A use-after-free vulnerabili
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2407 | 6.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2430 | 6.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Audio" component. It allows remote attackers to ex
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2487 | 6.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2467 | 6.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2440 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2483 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attack
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2428 | 7.5 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves nghttp2 before 1.17.0 in the "HTTPProtocol" component.
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2478 | 7.6 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attacke
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2456 | 7.6 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attacke
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2462 | 6.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Audio" component. It allows remote attackers to ex
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2435 | 6.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2416 | 6.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2017-2401 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute
|
08-03-2019 - 16:06 | 02-04-2017 - 01:59 | |
CVE-2016-5636 | 10.0 |
Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based bu
|
09-02-2019 - 11:29 | 02-09-2016 - 14:59 | |
CVE-2017-2457 | 6.8 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corru
|
16-08-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2443 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory
|
16-08-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-6974 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the system-installation subsystem of the "System Integrity Protection" component. It allows attackers to modify the contents of a protected disk l
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2436 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corrupti
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2410 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2398 | 9.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of se
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2409 | 5.8 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Menus" component. It allows attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash)
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2438 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleRAID" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2425 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "SecurityFoundation" component. A double free vulnerability allows remote attackers to execute arbitrary code via a crafted certificate.
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2431 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "CoreMedia" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application cr
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2427 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2421 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleGraphicsPowerManagement" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted ap
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2422 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2403 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Printing" component. A format-string vulnerability allows remote attackers to execute arbitrary code via a crafted ipp: or ipps: URL.
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2418 | 2.1 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Hypervisor" component. It allows guest OS users to obtain sensitive information from the CR8 control register via unspecified vectors.
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2408 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOATAFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2426 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "iBooks" component. It allows remote attackers to obtain sensitive information from local files via a file: URL in an iBooks file.
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2413 | 6.8 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "QuickTime" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application cr
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2420 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2388 | 4.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2016-7585 | 2.1 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2449 | 9.3 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2437 | 7.2 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 | |
CVE-2017-2392 | 6.8 |
An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
|
12-07-2017 - 01:29 | 02-04-2017 - 01:59 |