Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AppleMac Os X Server10.7.4

17 matches found

CVE
CVEadded 2013/06/05 2:39 p.m.64 views

CVE-2013-0982

The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattended workstation.

1.7CVSS6.3AI score0.00053EPSS
CVE
CVEadded 2014/02/27 1:55 a.m.58 views

CVE-2014-1268

WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270.

6.8CVSS7.8AI score0.0105EPSS
CVE
CVEadded 2014/02/27 1:55 a.m.57 views

CVE-2014-1270

WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269.

6.8CVSS7.8AI score0.0105EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.56 views

CVE-2013-0966

The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.

6.4CVSS6.3AI score0.00241EPSS
CVE
CVEadded 2014/02/27 1:55 a.m.54 views

CVE-2014-1269

WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270.

6.8CVSS7.8AI score0.0105EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.52 views

CVE-2013-0971

Use-after-free vulnerability in PDFKit in Apple Mac OS X before 10.8.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted ink annotations in a PDF document.

6.8CVSS7.6AI score0.0147EPSS
CVE
CVEadded 2014/04/23 11:52 a.m.51 views

CVE-2014-1296

CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connect...

4.3CVSS5.9AI score0.00207EPSS
CVE
CVEadded 2013/06/05 2:39 p.m.50 views

CVE-2013-0975

Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.

6.8CVSS7.8AI score0.00892EPSS
CVE
CVEadded 2013/06/05 2:39 p.m.49 views

CVE-2013-0990

SMB in Apple Mac OS X before 10.8.4, when file sharing is enabled, allows remote authenticated users to create or modify files outside of a shared directory via unspecified vectors.

4.9CVSS5.8AI score0.00432EPSS
CVE
CVEadded 2014/02/27 1:55 a.m.47 views

CVE-2014-1259

Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename.

6.8CVSS7.7AI score0.00697EPSS
CVE
CVEadded 2014/07/01 10:17 a.m.46 views

CVE-2014-1370

The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.

6.8CVSS7.8AI score0.01847EPSS
CVE
CVEadded 2013/03/15 8:55 p.m.43 views

CVE-2013-0973

Software Update in Apple Mac OS X through 10.7.5 does not prevent plugin loading within the marketing-text WebView, which allows man-in-the-middle attackers to execute plugin code by modifying the client-server data stream.

6.8CVSS6.5AI score0.0035EPSS
CVE
CVEadded 2014/02/27 1:55 a.m.43 views

CVE-2014-1256

Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.

7.5CVSS6.3AI score0.00378EPSS
CVE
CVEadded 2013/06/05 2:39 p.m.42 views

CVE-2013-1024

CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

6.8CVSS7.4AI score0.00901EPSS
CVE
CVEadded 2014/02/27 1:55 a.m.42 views

CVE-2014-1265

The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock.

4.6CVSS5.8AI score0.00054EPSS
CVE
CVEadded 2014/07/01 10:17 a.m.42 views

CVE-2014-1371

Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message.

7.5CVSS7.6AI score0.00788EPSS
CVE
CVEadded 2012/09/20 9:55 p.m.41 views

CVE-2012-3716

CoreText in Apple Mac OS X 10.7.x before 10.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write or read) via a crafted text glyph.

7.5CVSS7.6AI score0.15261EPSS