Mac Os X Security Vulnerabilities
CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physically proximate attackers to obtain sensitive information by reading the screen.
5.4AI Score
0.001EPSS
Buffer underflow in CoreGraphics in Apple Mac OS X before 10.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
7.6AI Score
0.004EPSS
CoreGraphics in Apple Mac OS X before 10.9 allows local users to bypass secure input mode and log an arbitrary application's keystrokes via a hotkey event registration.
6.1AI Score
0.0004EPSS
The kernel in Apple Mac OS X before 10.9 does not properly determine the output length for SHA-2 digest function calls, which allows context-dependent attackers to cause a denial of service (panic) by triggering a digest operation, as demonstrated by an IPSec connection.
6AI Score
0.001EPSS
The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy exclusive access for processing of large requests, which allows local users to cause a denial of service (temporary generator outage) via an application that requires many random numbers.
5.9AI Score
0.0004EPSS
Integer signedness error in the kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a crafted tty read operation.
5.7AI Score
0.0004EPSS
The kernel in Apple Mac OS X before 10.9 allows local users to obtain sensitive information or cause a denial of service (out-of-bounds read and system crash) via a crafted Mach-O file.
5.7AI Score
0.0004EPSS
The kernel in Apple Mac OS X before 10.9 does not properly handle integer values during unspecified tty device operations, which allows local users to cause a denial of service (system hang) by triggering a truncation error.
5.8AI Score
0.0004EPSS
The kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (panic) via an invalid iovec structure.
5.8AI Score
0.0004EPSS
LaunchServices in Apple Mac OS X before 10.9 does not properly restrict Unicode characters in filenames, which allows context-dependent attackers to spoof file extensions via a crafted character sequence.
5.8AI Score
0.001EPSS
App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass intended sandbox restrictions via a crafted app that uses the LaunchServices interface to specify process arguments.
5.9AI Score
0.002EPSS
The srandomdev function in Libc in Apple Mac OS X before 10.9, when the kernel random-number generator is unavailable, produces predictable values instead of the intended random values, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging...
6AI Score
0.001EPSS
The auto-configuration feature in Mail in Apple Mac OS X before 10.9 selects plaintext authentication for unspecified servers that support CRAM-MD5 authentication, which allows remote attackers to obtain sensitive information by sniffing the network.
5.8AI Score
0.001EPSS
Mail in Apple Mac OS X before 10.9 allows remote attackers to spoof the existence of a cryptographic signature for an e-mail message by using the multipart/signed content type within an unsigned message.
6.2AI Score
0.001EPSS
Mail in Apple Mac OS X before 10.9, when Kerberos authentication is enabled and TLS is disabled, sends invalid cleartext data, which allows remote attackers to obtain sensitive information by sniffing the network.
5.9AI Score
0.002EPSS
The kernel in Apple Mac OS X before 10.9 does not properly check for errors during the processing of multicast Wi-Fi packets, which allows remote attackers to cause a denial of service (system crash) by leveraging presence in an 802.11 network's coverage area.
6.2AI Score
0.001EPSS
The ldapsearch command-line program in OpenLDAP in Apple Mac OS X before 10.9 does not properly process the minssf configuration setting, which allows remote attackers to obtain sensitive information by leveraging unintended weak encryption and sniffing the network.
5.6AI Score
0.001EPSS
Power Management in Apple Mac OS X before 10.9 does not properly handle the interaction between locking and power assertions, which allows physically proximate attackers to obtain sensitive information by reading a screen that should have transitioned into the locked state.
5.5AI Score
0.0004EPSS
The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a certain timeout setting, which allows physically proximate attackers to obtain sensitive information by reading a screen that shoul...
5.5AI Score
0.001EPSS
The Screen Lock implementation in Apple Mac OS X before 10.9, when hibernation and autologin are enabled, does not require a password for a transition out of hibernation, which allows physically proximate attackers to obtain access by visiting an unattended workstation in the hibernating state.
6.2AI Score
0.001EPSS
Apple Mac OS X before 10.9 does not preserve a certain administrative system-preferences setting across software updates, which allows context-dependent attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended security configuration after the compl...
6.2AI Score
0.001EPSS
Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service (Smart Card usage outage) by interfering with the revocation-check procedure.
6.3AI Score
0.002EPSS
The syslog implementation in Apple Mac OS X before 10.9 allows local users to obtain sensitive information by leveraging access to the Guest account and reading console-log messages from previous Guest sessions.
5.3AI Score
0.0004EPSS
The USB hub controller in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a request with a crafted (1) port or (2) port number.
6AI Score
0.0004EPSS
The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box.
6.3AI Score
0.002EPSS
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
5.7AI Score
0.467EPSS
Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors.
6.2AI Score
0.0004EPSS
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (...
7.1AI Score
0.95EPSS
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.
5.5AI Score
0.59EPSS
Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0105.
8.1AI Score
0.001EPSS
Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service (CPU consumption...
8.2AI Score
0.007EPSS
Apple Safari 6.0.5 on Mac OS X 10.7.5 and 10.8.5 stores cleartext credentials in LastSession.plist, which allows local users to obtain sensitive information by reading this file.
5.2AI Score
0.0004EPSS
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall fu...
7AI Score
0.006EPSS
Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regula...
7.7AI Score
0.01EPSS
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
9AI Score
0.0004EPSS
Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable.
3.8AI Score
0.0004EPSS
The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.
8.6AI Score
0.965EPSS
Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file.
7.6AI Score
0.047EPSS
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document.
7.6AI Score
0.01EPSS
Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.
6.7AI Score
0.003EPSS
Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.
6.3AI Score
0.003EPSS
CFNetwork in Apple OS X through 10.8.5 does not remove session cookies upon a Safari reset action, which allows physically proximate attackers to bypass intended access restrictions by leveraging an unattended workstation.
6AI Score
0.0004EPSS
Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image.
8.1AI Score
0.012EPSS
Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename.
7.7AI Score
0.001EPSS
QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
7.8AI Score
0.01EPSS
Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font.
7.5AI Score
0.007EPSS
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.
6.6AI Score
0.003EPSS
curl and libcurl 7.27.0 through 7.35.0, when using the SecureTransport/Darwinssl backend, as used in in Apple OS X 10.9.x before 10.9.2, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a...
5.3AI Score
0.003EPSS
Finder in Apple OS X before 10.9.2 does not ensure ACL integrity after the viewing of file ACL information, which allows local users to bypass intended access restrictions in opportunistic circumstances via standard filesystem operations on a file with a damaged ACL.
6.6AI Score
0.0004EPSS
The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock.
5.8AI Score
0.0004EPSS