| Month | Quarter | Year |
|---|---|---|
| #23 | #94 | #50 |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2017-2534 | CWE-284 | Improper Access Control | 8.6 |
|
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Speech Framework" component. It allows attackers to conduct sandbox-escape attacks via a crafted app.
|
|||
| CVE-2017-2533 | CWE-362 | Race Conditions | 7.0 |
|
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "DiskArbitration" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
|
|||
| CVE-2017-13833 | CWE-119 | Buffer Errors | 7.8 |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
|
|||
| CVE-2017-13829 | CWE-119 | Buffer Errors | 7.8 |
|
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
|
|||