Apple » Airport Base Station Firmware : Security Vulnerabilities, CVEs, CVSS score >= 7
A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause a system denial of service.
Max CVSS
7.8
EPSS Score
0.20%
Published
2020-10-27
Updated
2020-10-30
An out-of-bounds read was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to leak memory.
Max CVSS
9.8
EPSS Score
0.45%
Published
2020-10-27
Updated
2020-10-30
Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted.
Max CVSS
7.5
EPSS Score
0.09%
Published
2020-10-27
Updated
2020-10-30
A use after free issue was addressed with improved memory management. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution.
Max CVSS
9.8
EPSS Score
0.91%
Published
2020-10-27
Updated
2020-10-30
The issue was addressed with improved data deletion. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A base station factory reset may not delete all user information.
Max CVSS
7.5
EPSS Score
0.18%
Published
2020-10-27
Updated
2020-10-30
A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution.
Max CVSS
9.8
EPSS Score
0.92%
Published
2020-10-27
Updated
2020-10-30
The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.
Max CVSS
9.8
EPSS Score
1.24%
Published
2016-06-26
Updated
2019-06-19
Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function.
Max CVSS
9.8
EPSS Score
1.15%
Published
2016-06-26
Updated
2019-06-19
Apple AirPort Base Station Firmware before 7.6.7 and 7.7.x before 7.7.7 misparses DNS data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Max CVSS
10.0
EPSS Score
1.34%
Published
2016-07-03
Updated
2017-09-01
9 vulnerabilities found