Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AppleMac Os X

80 matches found

CVE
CVEadded 2011/10/14 10:55 a.m.45 views

CVE-2011-3217

MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image.

6.8CVSS8.7AI score0.01387EPSS
CVE
CVEadded 2011/03/23 2:0 a.m.44 views

CVE-2011-0176

Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded Type 1 font.

6.8CVSS6.4AI score0.01577EPSS
CVE
CVEadded 2011/03/23 2:0 a.m.44 views

CVE-2011-0181

Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XBM image.

6.8CVSS6.2AI score0.12356EPSS
CVE
CVEadded 2011/03/23 2:0 a.m.44 views

CVE-2011-0193

Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image.

6.8CVSS6.7AI score0.01162EPSS
CVE
CVEadded 2011/06/24 8:55 p.m.44 views

CVE-2011-0202

Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document.

6.8CVSS6.5AI score0.0148EPSS
CVE
CVEadded 2011/06/24 8:55 p.m.44 views

CVE-2011-0206

Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings.

7.5CVSS6.5AI score0.01074EPSS
CVE
CVEadded 2011/06/24 8:55 p.m.44 views

CVE-2011-0207

The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive alias information by sniffing the network.

5CVSS4.7AI score0.00307EPSS
CVE
CVEadded 2011/06/24 8:55 p.m.44 views

CVE-2011-0210

QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file.

6.8CVSS6.3AI score0.02057EPSS
CVE
CVEadded 2011/01/25 1:0 a.m.44 views

CVE-2011-0639

Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the...

6.9CVSS7AI score0.00056EPSS
CVE
CVEadded 2011/03/04 11:0 p.m.44 views

CVE-2011-1073

crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the existence of arbitrary files via a symlink attack on a /tmp/crontab.XXXXXXXXXX temporary file and (2) perform MD5 checksum comparisons on arbitrary pairs of files via two symlink attacks on /tmp/crontab.XXXXX...

1.9CVSS6.1AI score0.00021EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.44 views

CVE-2011-3213

The File Systems component in Apple Mac OS X before 10.7.2 does not properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection, which allows man-in-the-middle attackers to hijack WebDAV communication by presenting an arbitrary certificate for ...

7.6CVSS7.7AI score0.00216EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.44 views

CVE-2011-3214

IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a locked-screen state in display sleep mode for an Apple Cinema Display, which allows physically proximate attackers to bypass the password requirement via unspecified vectors.

4.6CVSS7.8AI score0.00065EPSS
CVE
CVEadded 2011/03/23 2:0 a.m.43 views

CVE-2011-0177

Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted SFNT table in an embedded font.

6.8CVSS6.4AI score0.01477EPSS
CVE
CVEadded 2011/03/23 2:0 a.m.43 views

CVE-2011-0184

QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an Excel spreadsheet with a crafted formula that uses unspecified opcodes.

6.8CVSS6.9AI score0.02428EPSS
CVE
CVEadded 2011/03/23 2:0 a.m.43 views

CVE-2011-0194

Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.

6.8CVSS6.7AI score0.01097EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.43 views

CVE-2011-0224

CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file.

6.8CVSS8.5AI score0.01405EPSS
CVE
CVEadded 2011/11/15 6:55 p.m.43 views

CVE-2011-1516

The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in Apple Mac OS X 10.5.x through 10.7.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of osascript to send Apple ...

7.6CVSS8.5AI score0.06076EPSS
CVE
CVEadded 2011/06/24 8:55 p.m.42 views

CVE-2011-1132

The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.

4.9CVSS4.8AI score0.00045EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.42 views

CVE-2011-3228

QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.

6.8CVSS8.7AI score0.01383EPSS
CVE
CVEadded 2011/03/23 2:0 a.m.41 views

CVE-2011-0179

CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a document that contains a crafted embedded font.

6.8CVSS6.8AI score0.01178EPSS
CVE
CVEadded 2011/06/24 8:55 p.m.41 views

CVE-2011-0205

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.

6.8CVSS6.6AI score0.06115EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.41 views

CVE-2011-0231

CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy, which makes it easier for remote web servers to track users via a cookie, related to a "synchronization issue."

5CVSS7.8AI score0.00291EPSS
CVE
CVEadded 2011/03/23 2:0 a.m.40 views

CVE-2011-0172

AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service (divide-by-zero error and reboot) via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162.

4.9CVSS5.7AI score0.01975EPSS
CVE
CVEadded 2011/06/24 8:55 p.m.40 views

CVE-2011-0198

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.

6.8CVSS6.4AI score0.11351EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.40 views

CVE-2011-0229

Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.

6.8CVSS8.3AI score0.01825EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.40 views

CVE-2011-3227

libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) a crafted (1) web site or (2) e-m...

6.8CVSS8.5AI score0.0063EPSS
CVE
CVEadded 2011/06/24 8:55 p.m.39 views

CVE-2011-0199

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate.

5.9CVSS4.9AI score0.00173EPSS
CVE
CVEadded 2011/01/10 8:0 p.m.38 views

CVE-2010-4013

Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to interaction between Software Update and distribution scripts.

6.8CVSS7.4AI score0.00717EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.36 views

CVE-2011-3216

The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call.

2.1CVSS7.5AI score0.00058EPSS
CVE
CVEadded 2011/06/30 3:55 p.m.35 views

CVE-2011-2601

The GPU support functionality in Mac OS X does not properly restrict rendering time, which allows remote attackers to cause a denial of service (desktop hang) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to...

7.1CVSS6.6AI score0.00431EPSS
Total number of security vulnerabilities80