The version of Google Chrome installed on the remote macOS host is prior to 89.0.4389.72. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_03_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of macOS Server (formerly known as Mac OS X Server) installed on the remote host is prior to 5.11. It is, therefore, affected by an open redirect or cross-site scripting (XSS) vulnerability due to an issue in the parsing of URLs. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's browser session.

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 78.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-09 advisory.

  - As specified in the W3C Content Security Policy draft, when creating a violation report, User agents need     to ensure that the source file is the URL requested by the page, pre-redirects. If thats not possible,     user agents need to strip the URL down to an origin to avoid unintentional leakage. Under certain types     of redirects, Thunderbird incorrectly set the source file to be the destination of the redirects. This was     fixed to be the redirect destination's origin. (CVE-2021-23969)

  - If Content Security Policy blocked frame navigation, the full destination of a redirect served in the     frame was reported in the violation report; as opposed to the original frame URI. This could be used to     leak sensitive information contained in such URIs. (CVE-2021-23968)

  - When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted,     and the content of that error may have revealed information about the resource. (CVE-2021-23973)

  - Mozilla developers Alexis Beingessner, Tyson Smith, Nika Layzell, and Mats Palmgren reported memory safety     bugs present in Thunderbird 78.7. Some of these bugs showed evidence of memory corruption and we presume     that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2021-23978)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-08 advisory.

  - As specified in the W3C Content Security Policy draft, when creating a violation report, User agents need     to ensure that the source file is the URL requested by the page, pre-redirects. If thats not possible,     user agents need to strip the URL down to an origin to avoid unintentional leakage. Under certain types     of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was     fixed to be the redirect destination's origin. (CVE-2021-23969)

  - If Content Security Policy blocked frame navigation, the full destination of a redirect served in the     frame was reported in the violation report; as opposed to the original frame URI. This could be used to     leak sensitive information contained in such URIs. (CVE-2021-23968)

  - When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted,     and the content of that error may have revealed information about the resource. (CVE-2021-23973)

  - Mozilla developers Alexis Beingessner, Tyson Smith, Nika Layzell, and Mats Palmgren reported memory safety     bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption     and we presume that with enough effort some of these could have been exploited to run arbitrary code.
    (CVE-2021-23978)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 86.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-07 advisory.

  - As specified in the W3C Content Security Policy draft, when creating a violation report, User agents need     to ensure that the source file is the URL requested by the page, pre-redirects. If thats not possible,     user agents need to strip the URL down to an origin to avoid unintentional leakage. Under certain types     of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was     fixed to be the redirect destination's origin. (CVE-2021-23969)

  - Context-specific code was included in a shared jump table; resulting in assertions being triggered in     multithreaded wasm code. (CVE-2021-23970)

  - If Content Security Policy blocked frame navigation, the full destination of a redirect served in the     frame was reported in the violation report; as opposed to the original frame URI. This could be used to     leak sensitive information contained in such URIs. (CVE-2021-23968)

  - The DOMParser API did not properly process <noscript> elements for escaping. This could     be used as an mXSS vector to bypass an HTML Sanitizer. (CVE-2021-23974)

  - When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect's     Referrer-Policy. This would have potentially resulted in more information than intended by the original     origin being provided to the destination of the redirect. (CVE-2021-23971)

  - When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from     arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain     fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted     websites.Note: This issue is a different issue from CVE-2020-26954 and only affected Firefox for     Android. Other operating systems are unaffected. (CVE-2021-23976)

  - Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious     application to read sensitive data from application directories.Note: This issue is only affected     Firefox for Android. Other operating systems are unaffected. (CVE-2021-23977)

  - One phishing tactic on the web is to provide a link with HTTP Auth. For example     https://www.phishingtarget.com@evil.com. To mitigate this type of attack, Firefox will     display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a     redirect that was cached by the browser. (CVE-2021-23972)

  - The developer page about:memory has a Measure function for exploring what object types the browser has     allocated and their sizes. When this function was invoked; we incorrectly called the sizeof function,     instead of using the API method that checks for invalid pointers. (CVE-2021-23975)

  - When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted,     and the content of that error may have revealed information about the resource. (CVE-2021-23973)

  - Mozilla developers Alexis Beingessner, Tyson Smith, Nika Layzell, and Mats Palmgren reported memory safety     bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption     and we presume that with enough effort some of these could have been exploited to run arbitrary code.
    (CVE-2021-23978)

  - Mozilla developers Tyson Smith, Lars T Hansen, Valentin Gosu, and Sebastian Hengst reported memory safety     bugs present in Firefox 85. Some of these bugs showed evidence of memory corruption and we presume that     with enough effort some of these could have been exploited to run arbitrary code. (CVE-2021-23979)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Foxit PhantomPDF for Mac installed on the remote macOS host is prior to 4.1.3. It is, therefore, affected by a PDF spoofing vulnerability. An Evil Annotation Attack may deliver incorrect validation results when validating certain certified PDF files whose visible content was significantly altered. 

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Foxit Reader for Mac installed on the remote macOS host is prior to 4.1.3. It is, therefore, affected by a PDF spoofing vulnerability. An Evil Annotation Attack may deliver incorrect validation results when validating certain certified PDF files whose visible content was significantly altered. 

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 88.0.4324.182. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_02_stable-channel-update-for-desktop_16 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Adobe Photoshop installed on the remote macOS or Mac OS X host is prior to 21.2.5 or prior to 22.2. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb21-10 advisory.

  - An Out-of-bounds Read vulnerability exists when parsing a specially crafted file. An unauthenticated     attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the     current user. Exploitation of this issue requires user interaction in that a victim must open a     malicious file. (CVE-2021-21049, CVE-2021-21050)

  - An Out-of-bounds Write flaw exists that allows an unauthenticated attacker could leverage this     vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation     of this issue requires user interaction in that a victim must open a malicious file.(CVE-2021-21047)

  - A Memory Corruption vulnerability (Buffer Overflow) when parsing a specially crafted file. An     unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in     the context of the current user. Exploitation of this issue requires user interaction in that a     victim must open a malicious file.(CVE-2021-21048, CVE-2021-21051)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.6 Security Update 2021-002 Mojave, 10.15.x prior to 10.15.7 Supplemental Update Catalina, or 11.x prior to 11.2.1 Big Sur. It is, therefore, affected by multiple vulnerabilities, including the following:

  - An out-of-bounds-write vulnerability caused by insufficient input validation that allows an application     to execute arbitrary code with kernel privileges. (CVE-2021-1805)

  - A race condition due to insufficient validation that allows an application to execute arbitrary code with     kernel privileges. (CVE-2021-1806)

  - A local privilege elevation vulnerability in sudo caused by a heap-based buffer overflow. (CVE-2021-3156)


Note that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.

The version of Adobe Reader installed on the remote macOS host is a version prior or equal to 2017.011.30188, 2020.001.30018, or 2020.013.20074. It is, therefore, affected by multiple vulnerabilities.

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An     unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the     context of the current user. Exploitation of this issue requires user interaction in that a victim must     open a malicious file. (CVE-2021-21017)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker     could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.
    Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    (CVE-2021-21021, CVE-2021-21028, CVE-2021-21033, CVE-2021-21035, CVE-2021-21039, CVE-2021-21040)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated     attacker could leverage this vulnerability to locally elevate privileges in the context of the current     user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    (CVE-2021-21034)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. An unauthenticated     attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the     current user. Exploitation of this issue requires user interaction in that a victim must open a malicious     file. (CVE-2021-21036)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a Path Traversal vulnerability. An unauthenticated attacker     could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.
    Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    (CVE-2021-21037)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted     jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code     execution in the context of the current user. Exploitation of this issue requires user interaction in that     a victim must open a malicious file. (CVE-2021-21038, CVE-2021-21044)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker     could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.
    Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    (CVE-2021-21041)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated     attacker could leverage this vulnerability to locally escalate privileges in the context of the current     user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    (CVE-2021-21042)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an improper access control vulnerability. An unauthenticated     attacker could leverage this vulnerability to elevate privileges in the context of the current user.
    (CVE-2021-21045)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated     attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this     issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21046)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a     specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve     denial of service in the context of the current user. Exploitation of this issue requires user interaction     in that a victim must open a malicious file. (CVE-2021-21057)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially     crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code     execution in the context of the current user. Exploitation of this issue requires user interaction in that     a victim must open a malicious file. (CVE-2021-21058, CVE-2021-21059, CVE-2021-21062, CVE-2021-21063)

  - Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an improper input validation vulnerability. An     unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the     context of the current user. Exploitation of this issue requires user interaction in that a victim must     open a malicious file. (CVE-2021-21060)

  - Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a Use-after-free vulnerability when parsing a specially     crafted PDF file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive     information in the context of the current user. Exploitation of this issue requires user interaction in     that a victim must open a malicious file. (CVE-2021-21061)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Adobe Acrobat installed on the remote macOS host is a version prior or equal to 2017.011.30188, 2020.001.30018, or 2020.013.20074. It is, therefore, affected by multiple vulnerabilities.

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An     unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the     context of the current user. Exploitation of this issue requires user interaction in that a victim must     open a malicious file. (CVE-2021-21017)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker     could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.
    Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    (CVE-2021-21021, CVE-2021-21028, CVE-2021-21033, CVE-2021-21035, CVE-2021-21039, CVE-2021-21040)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated     attacker could leverage this vulnerability to locally elevate privileges in the context of the current     user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    (CVE-2021-21034)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. An unauthenticated     attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the     current user. Exploitation of this issue requires user interaction in that a victim must open a malicious     file. (CVE-2021-21036)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a Path Traversal vulnerability. An unauthenticated attacker     could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.
    Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    (CVE-2021-21037)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted     jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code     execution in the context of the current user. Exploitation of this issue requires user interaction in that     a victim must open a malicious file. (CVE-2021-21038, CVE-2021-21044)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker     could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.
    Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    (CVE-2021-21041)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated     attacker could leverage this vulnerability to locally escalate privileges in the context of the current     user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    (CVE-2021-21042)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an improper access control vulnerability. An unauthenticated     attacker could leverage this vulnerability to elevate privileges in the context of the current user.
    (CVE-2021-21045)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated     attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this     issue requires user interaction in that a victim must open a malicious file. (CVE-2021-21046)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a     specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve     denial of service in the context of the current user. Exploitation of this issue requires user interaction     in that a victim must open a malicious file. (CVE-2021-21057)

  - Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially     crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code     execution in the context of the current user. Exploitation of this issue requires user interaction in that     a victim must open a malicious file. (CVE-2021-21058, CVE-2021-21059, CVE-2021-21062, CVE-2021-21063)

  - Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by an improper input validation vulnerability. An     unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the     context of the current user. Exploitation of this issue requires user interaction in that a victim must     open a malicious file. (CVE-2021-21060)

  - Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and     2017.011.30188 (and earlier) are affected by a Use-after-free vulnerability when parsing a specially     crafted PDF file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive     information in the context of the current user. Exploitation of this issue requires user interaction in     that a victim must open a malicious file. (CVE-2021-21061)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The Microsoft .NET Core runtime installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by multiple vulnerabilities:

  - A denial of service vulnerability exists in .NET Core when creating HTTPS web requests during X509     certificate chain building. An unauthenticated, remote attacker can exploit this to cause the application     to stop responding. (CVE-2021-1721)

  - A remote code execution vulnerability exists in .NET Core when parsing certain types of graphics files. An     unauthenticated, remote attacker can exploit this to execute arbitrary code. This vulnerability only     exists on systems running on macOS or Linux. (CVE-2021-24112)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 88.0.4324.150. It is, therefore, affected by a vulnerability as referenced in the 2021_02_stable-channel-update-for-desktop_4 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.3. It is, therefore, affected by vulnerabilities as referenced in the wireshark-3.4.3 advisory.

 - The USB HID dissector could leak memory. It may be possible to make Wireshark consume excessive    CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a    malformed packet trace file. (CVE-2021-22173)

 - The USB HID dissector could crash. It may be possible to make Wireshark crash by injecting a    malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
   (CVE-2021-22174)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.6 Security Update 2021-001 Mojave, 10.15.x prior to 10.15.7 Security Update 2021-001 Catalina, or 11.x prior to 11.2. It is, therefore, affected by multiple vulnerabilities, including the following:

  - A logic issue existed resulting in memory corruption. This was addressed with improved state management.
    An application may be able to execute arbitrary code with kernel privileges. (CVE-2020-27904)

  - A logic issue existed that allowed applications to execute arbitrary code with kernel privileges.
    (CVE-2021-1750)

  - An out-of-bounds-write caused by improper input validation allowed maliciously crafted USD files to     unexpectedly terminate an application or cause arbitrary code execution. (CVE-2021-1762)

Note that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 88.0.4324.146. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_02_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 78.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-05 advisory.

  - If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-     origin information, when said information is served as chunked data. (CVE-2021-23953)

  - Using the new logical assignment operators in a JavaScript switch statement could have caused a type     confusion, leading to a memory corruption and a potentially exploitable crash. (CVE-2021-23954)

  - During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected     and evaluated within the encrypted session. (CVE-2020-15685)

  - When a HTTPS page was embedded in a HTTP page, and there was a service worker registered for the former,     the service worker could have intercepted the request for the secure page despite the iframe not being a     secure context due to the (insecure) framing. (CVE-2020-26976)

  - Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a     potentially exploitable crash. (CVE-2021-23960)

  - Mozilla developers Alexis Beingessner, Christian Holler, Andrew McCreight, Tyson Smith, Jon Coppeard,     Andr Bargull, Jason Kratzer, Jesse Schwartzentruber, Steve Fink, Byron Campen reported memory safety bugs     present in Thunderbird 78.6. Some of these bugs showed evidence of memory corruption and we presume that     with enough effort some of these could have been exploited to run arbitrary code. (CVE-2021-23964)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 85.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-03 advisory.

  - If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-     origin information, when said information is served as chunked data. (CVE-2021-23953)

  - Using the new logical assignment operators in a JavaScript switch statement could have caused a type     confusion, leading to a memory corruption and a potentially exploitable crash. (CVE-2021-23954)

  - The browser could have been confused into transferring a pointer lock state into another tab, which could     have lead to clickjacking attacks. (CVE-2021-23955)

  - An ambiguous file picker design could have confused users who intended to select and upload a single file     into uploading a whole directory. This was addressed by adding a new prompt. (CVE-2021-23956)

  - Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe     sandbox.Note: This issue only affected Firefox for Android. Other operating systems are unaffected.
    (CVE-2021-23957)

  - The browser could have been confused into transferring a screen sharing state into another tab, which     would leak unintended information. (CVE-2021-23958)

  - An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages     and the address bar.Note: This issue only affected Firefox for Android. Other operating systems are     unaffected. (CVE-2021-23959)

  - Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a     potentially exploitable crash. (CVE-2021-23960)

  - Further techniques that built on the slipstream research combined with a malicious webpage could have     exposed both an internal network's hosts as well as services running on the user's local machine.
    (CVE-2021-23961)

  - Incorrect use of the RowCountChanged method could have led to a user-after-poison and a     potentially exploitable crash. (CVE-2021-23962)

  - When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state     in the user interface, leading to loss of control over the currently granted permission (CVE-2021-23963)

  - Mozilla developers Andrew McCreight, Tyson Smith, Jesse Schwartzentruber, Jon Coppeard, Byron Campen,     Andr Bargull, Steve Fink, Jason Kratzer, Christian Holler, Alexis Beingessner reported memory safety bugs     present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we     presume that with enough effort some of these could have been exploited to run arbitrary code.
    (CVE-2021-23964)

  - Mozilla developers Sebastian Hengst, Christian Holler, Tyson Smith reported memory safety bugs present in     Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort     some of these could have been exploited to run arbitrary code. (CVE-2021-23965)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-04 advisory.

  - If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-     origin information, when said information is served as chunked data. (CVE-2021-23953)

  - Using the new logical assignment operators in a JavaScript switch statement could have caused a type     confusion, leading to a memory corruption and a potentially exploitable crash. (CVE-2021-23954)

  - When a HTTPS page was embedded in a HTTP page, and there was a service worker registered for the former,     the service worker could have intercepted the request for the secure page despite the iframe not being a     secure context due to the (insecure) framing. (CVE-2020-26976)

  - Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a     potentially exploitable crash. (CVE-2021-23960)

  - Mozilla developers Alexis Beingessner, Christian Holler, Andrew McCreight, Tyson Smith, Jon Coppeard,     Andr Bargull, Jason Kratzer, Jesse Schwartzentruber, Steve Fink, Byron Campen reported memory safety bugs     present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we     presume that with enough effort some of these could have been exploited to run arbitrary code.
    (CVE-2021-23964)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 88.0.4324.96. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_01_stable-channel-update-for-desktop_19 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Adobe Photoshop installed on the remote macOS or Mac OS X host is prior to 22.1.1. It is, therefore, affected by a vulnerability. Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling a specially crafted font file. Successful exploitation could lead to arbitrary code execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The Microsoft Office product installed on the remote host is missing security updates. It is, therefore, affected by multiple remote code execution vulnerabilities in Word and Excel.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 78.6.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-02 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.x prior to 11.5.7. It is, therefore, affected by a DoS vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 87.0.4280.141. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_01_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 84.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-01 advisory.

  - A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially     resulted in a use-after-free. We presume that with enough effort it could have been exploited to run     arbitrary code. (CVE-2020-16044)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.6.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-01 advisory.

  - A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially     resulted in a use-after-free. We presume that with enough effort it could have been exploited to run     arbitrary code. (CVE-2020-16044)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.4.1 advisory.

  - Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via     packet injection or crafted capture file. (CVE-2020-26418)

  - Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8     allows denial of service via packet injection or crafted capture file. (CVE-2020-26421)

  - Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via     packet injection or crafted capture file. (CVE-2020-26420)

  - Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or     crafted capture file. (CVE-2020-26419)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.2. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.4.2 advisory.

  - The QUIC dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet     onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-26422)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.9. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.2.9 advisory.

  - Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via     packet injection or crafted capture file. (CVE-2020-26418)

  - Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8     allows denial of service via packet injection or crafted capture file. (CVE-2020-26421)

  - Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via     packet injection or crafted capture file. (CVE-2020-26420)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Foxit PhantomPDF for Mac installed on the remote macOS host is prior to 4.1. It is, therefore, affected by a code injection or information disclosure vulnerability because the Hardened Runtime capability was not enabled during code signing.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Foxit Reader for Mac installed on the remote macOS host is prior to 4.1. It is, therefore, affected by a code injection or information disclosure vulnerability because the Hardened Runtime capability was not enabled during code signing.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.6 Security Update 2020-007 Mojave, 10.15.x prior to 10.15.7 Security Update 2020-001 Catalina, or 11.x prior to 11.1. It is, therefore, affected by multiple vulnerabilities, including the following:

  - Processing a maliciously crafted audio file may lead to arbitrary code execution. (CVE-2020-9960,     CVE-2020-10017, CVE-2020-27908, CVE-2020-27910, CVE-2020-27916, CVE-2020-27948)

  - Processing a maliciously crafted image may lead to arbitrary code execution. (CVE-2020-9962,     CVE-2020-27912, CVE-2020-27919, CVE-2020-27923, CVE-2020-27924, CVE-2020-29611, CVE-2020-29616,     CVE-2020-29618)

  - Processing a maliciously crafted font file may lead to arbitrary code execution. (CVE-2020-9956,     CVE-2020-27922, CVE-2020-27931, CVE-2020-27943, CVE-2020-27944, CVE-2020-27952)

Note that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 78.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-56 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 84.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-54 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-55 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Adobe Reader installed on the remote macOS host is a version prior or equal to 2017.011.30180, 2020.001.30010, or 2020.013.20066. It is, therefore, affected by a vulnerability.

  - Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180     (and earlier) are affected by an information exposure vulnerability, that could enable an attacker to get     a DNS interaction and track if the user has opened or closed a PDF file when loaded from the filesystem     without a prompt. User interaction is required to exploit this vulnerability. (CVE-2020-29075)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Adobe Acrobat installed on the remote macOS host is a version prior or equal to 2017.011.30180, 2020.001.30010, or 2020.013.20066. It is, therefore, affected by a vulnerability.

  - Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180     (and earlier) are affected by an information exposure vulnerability, that could enable an attacker to get     a DNS interaction and track if the user has opened or closed a PDF file when loaded from the filesystem     without a prompt. User interaction is required to exploit this vulnerability. (CVE-2020-29075)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Adobe Prelude, an ingest and logging tool for tagging media with metadata for searching, post-production workflows and footage lifecycle management, is installed on the remote macOS or Mac OS X host.

The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.6 Security Update 2020-006 High Sierra, or 10.14.x prior to 10.14.6 Security Update 2020-006 Mojave. It is, therefore, affected by multiple vulnerabilities :

  - Processing a maliciously crafted font may lead to arbitrary code execution. (CVE-2020-27930)

  - A malicious application may be able to execute arbitrary code with kernel privileges. (CVE-2020-27932)

  - A malicious application may be able to disclose kernel memory. (CVE-2020-27950)

Note that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 87.0.4280.88. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_12_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 78.5.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2020-53 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.x prior to 11.5.7. It is, therefore, affected by a use-after-free error in the XHCI USB Controller. An unauthenticated, local attacker with administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

Note that Nessus has not tested for this issue, but has instead relied only on the application's self-reported version number.

OpenOffice, an open-source productivity suite, is installed on the remote macOS or Mac OS X host.

The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.0.x prior to 11.5.6. It is, therefore, affected by the following vulnerabilities:

  - A time-of-check time-of-use flaw exists related to ACPI device     handling that allows an authenticated administrator to leak     memory from the vmx process. (CVE-2020-3981)

  - A time-of-check time-of-use flaw exists related to ACPI device     handling that allows an authenticated administrator to crash the     vmx process or corrupt the hypervisor's memory heap.
    (CVE-2020-3982)

  - An unspecified flaw exists related to the VMCI host drivers that     allows an attacker having access to the virtual machine to cause     denial of service conditions via resource exhaustion.
    (CVE-2020-3995)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote host is running a version of macOS / Mac OS X that is 11.0.x prior to 11.0.1. It is, therefore, affected by multiple vulnerabilities, including the following:

  - An out-of-bounds write issue that can lead to unexpected application termination or arbitrary code     execution when opening a maliciously crafted PDF file. (CVE-2020-9876)

  - An out-of-bounds write caused by insufficient input validation that can lead to arbitrary code execution     when processing a maliciously crafted image. (CVE-2020-9883)

  - A remote attacker may be able to unexpectedly alter the Mail application date due to insufficient checks.
    (CVE-2020-9941)

Note that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 78.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-52 advisory.

  - Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to     potentially exploit heap corruption via a crafted HTML page. (CVE-2020-15999)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 87.0.4280.66. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_11_stable-channel-update-for-desktop_17 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-51 advisory.

  - Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to     potentially exploit heap corruption via a crafted HTML page. (CVE-2020-15999)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Severity
146949	Google Chrome < 89.0.4389.72 Multiple Vulnerabilities	critical
146823	macOS : macOS Server < 5.11 XSS (HT211932)	medium
146784	Mozilla Thunderbird < 78.8	high
146782	Mozilla Firefox ESR < 78.8	high
146779	Mozilla Firefox < 86.0	high
146590	Foxit PhantomPDF < 4.1.3 PDF Spoofing (macOS)	medium
146589	Foxit Reader < 4.1 PDF Spoofing (macOS)	medium
146543	Google Chrome < 88.0.4324.182 Multiple Vulnerabilities	medium
146447	Adobe Photoshop 21.x < 21.2.5 / 22.x < 22.2 Multiple Vulnerabilities (APSB21-10)	high
146427	macOS 10.14.x < 10.14.6 Security Update 2021-002 / 10.15.x < 10.15.7 Supplemental Update / macOS 11.x < 11.2.1 (HT212177)	high
146423	Adobe Reader <= 2017.011.30188 / 2020.001.30018 / 2020.013.20074 Multiple Vulnerabilities (APSB21-09) (macOS)	high
146420	Adobe Acrobat <= 2017.011.30188 / 2020.001.30018 / 2020.013.20074 Multiple Vulnerabilities (APSB21-09) (macOS)	high
146347	Security Update for .NET Core (February 2021) (macOS)	high
146205	Google Chrome < 88.0.4324.150 Vulnerability	medium
146104	Wireshark 3.4.x < 3.4.3 Multiple Vulnerabilities (macOS)	medium
146086	macOS 10.14.x < 10.14.6 Security Update 2021-001 / 10.15.x < 10.15.7 Security Update 2021-001 / macOS 11.x < 11.2 (HT212147)	high
146061	Google Chrome < 88.0.4324.146 Multiple Vulnerabilities	medium
145467	Mozilla Thunderbird < 78.7	medium
145466	Mozilla Firefox < 85.0	medium
145447	Mozilla Firefox ESR < 78.7	high
145072	Google Chrome < 88.0.4324.96 Multiple Vulnerabilities	medium
145014	Adobe Photoshop 22.x <= 22.1 Arbitrary Code Execution (macOS APSB21-01)	medium
144981	Security Updates for Microsoft Office (January 2021) (macOS)	high
144855	Mozilla Thunderbird < 78.6.1	medium
144851	VMware Fusion 11.x < 11.5.7 DoS (VMSA-2020-0029)	low
144782	Google Chrome < 87.0.4280.141 Multiple Vulnerabilities	high
144772	Mozilla Firefox < 84.0.2	medium
144769	Mozilla Firefox ESR < 78.6.1	medium
144643	Wireshark 3.4.x < 3.4.1 Multiple Vulnerabilities (macOS)	medium
144639	Wireshark 3.4.x < 3.4.2 A Vulnerability (macOS)	medium
144635	Wireshark 3.2.x < 3.2.9 Multiple Vulnerabilities (macOS)	medium
144621	Foxit PhantomPDF < 4.1 Code Injection (macOS)	medium
144620	Foxit Reader < 4.1 Code Injection (macOS)	medium
144453	macOS 10.14.x < 10.14.6 Security Update 2020-007 / 10.15.x < 10.15.7 Security Update 2020-001 / macOS 11.x < 11.1 (HT212011)	high
144285	Mozilla Thunderbird < 78.6	medium
144283	Mozilla Firefox < 84.0	high
144277	Mozilla Firefox ESR < 78.6	medium
144108	Adobe Reader <= 2017.011.30180 / 2020.001.30010 / 2020.013.20066 Vulnerability (APSB20-75) (macOS)	medium
144106	Adobe Acrobat <= 2017.011.30180 / 2020.001.30010 / 2020.013.20066 Vulnerability (APSB20-75) (macOS)	medium
144055	Adobe Prelude Installed (macOS)	info
143478	macOS 10.13.x < 10.13.6 Security Update 2020-006 / 10.14.x < 10.14.6 Security Update 2020-006 (HT211946)	high
143470	Google Chrome < 87.0.4280.88 Multiple Vulnerabilities	high
143425	Mozilla Thunderbird < 78.5.1	high
143222	VMware Fusion 11.x < 11.5.7 Use-after-free (VMSA-2020-0026)	medium
143218	OpenOffice Installed (macOS)	info
143117	VMware Fusion 11.0.x < 11.5.6 Multiple Vulnerabilities (VMSA-2020-0023)	medium
143115	macOS 11.0.x < 11.0.1	high
143059	Mozilla Thunderbird < 78.5	high
142970	Google Chrome < 87.0.4280.66 Multiple Vulnerabilities	medium
142912	Mozilla Firefox ESR < 78.5	high

MacOS X Local Security Checks Family for Nessus

critical

medium

high

high

high

medium

medium

medium

high

high

high

high

high

medium

medium

high

medium

medium

medium

high

medium

medium

high

medium

low

high

medium

medium

medium

medium

medium

medium

medium

high

medium

high

medium

medium

medium

info

high

high

high

medium

info

medium

high

high

medium

high