Lucene search

220 matches found

added 2016/05/20 10:59 a.m. | 40 views

CVE-2016-1844

The Messages component in Apple OS X before 10.11.5 mishandles roster changes, which allows remote attackers to modify contact lists via unspecified vectors.

CVSS 5.3 | AI score 5.8 | EPSS 0.01151

added 2016/07/22 2:59 a.m. | 40 views

CVE-2016-4595

Safari Login AutoFill in Apple OS X before 10.11.6 allows physically proximate attackers to discover passwords by reading the screen during the login procedure.

CVSS 4.6 | AI score 6 | EPSS 0.00068

added 2016/07/22 2:59 a.m. | 40 views

CVE-2016-4634

The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

CVSS 7.8 | AI score 7.8 | EPSS 0.00054

added 2016/09/25 10:59 a.m. | 40 views

CVE-2016-4696

AppleEFIRuntime in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

CVSS 9.3 | AI score 8.4 | EPSS 0.00215

added 2016/05/20 10:59 a.m. | 39 views

CVE-2016-1797

Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app.

CVSS 9.3 | AI score 7.4 | EPSS 0.00223

added 2016/05/20 10:59 a.m. | 39 views

CVE-2016-1799

Audio in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

CVSS 9.3 | AI score 8 | EPSS 0.00215

added 2016/05/20 10:59 a.m. | 39 views

CVE-2016-1843

The Messages component in Apple OS X before 10.11.5 mishandles filename encoding, which allows remote attackers to obtain sensitive information via unspecified vectors.

CVSS 7.5 | AI score 6.8 | EPSS 0.01287

added 2016/09/25 10:59 a.m. | 39 views

CVE-2016-4706

cd9660 in Apple OS X before 10.12 allows local users to cause a denial of service via unspecified vectors.

CVSS 5.5 | AI score 6 | EPSS 0.00049

added 2016/09/25 10:59 a.m. | 39 views

CVE-2016-4715

The Date & Time Pref Pane component in Apple OS X before 10.12 mishandles the .GlobalPreferences file, which allows attackers to discover a user's location via a crafted app.

CVSS 4.3 | AI score 5.1 | EPSS 0.00228

added 2016/09/25 10:59 a.m. | 39 views

CVE-2016-4752

The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CF_RETURNS_RETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering key derivation.

CVSS 5.5 | AI score 6.1 | EPSS 0.00254

added 2016/05/20 10:59 a.m. | 38 views

CVE-2016-1798

Audio in Apple OS X before 10.11.5 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.

CVSS 4.3 | AI score 5.3 | EPSS 0.00203

added 2016/05/20 10:59 a.m. | 38 views

CVE-2016-1816

IOAcceleratorFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

CVSS 9.3 | AI score 8 | EPSS 0.00228

added 2016/07/22 2:59 a.m. | 38 views

CVE-2016-4599

QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop document.

CVSS 7.8 | AI score 8.6 | EPSS 0.00655

added 2016/07/22 3:0 a.m. | 38 views

CVE-2016-4640

Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app.

CVSS 9.3 | AI score 8.1 | EPSS 0.0019

added 2016/07/22 3:0 a.m. | 37 views

CVE-2016-4647

Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file.

CVSS 7.8 | AI score 7.3 | EPSS 0.00051

added 2016/09/25 10:59 a.m. | 37 views

CVE-2016-4745

The Kerberos 5 (aka krb5) PAM module in Apple OS X before 10.12 does not use constant-time operations for determining username validity, which makes it easier for remote attackers to enumerate user accounts via a timing side-channel attack.

CVSS 5.3 | AI score 6.3 | EPSS 0.00407

added 2016/05/20 11:0 a.m. | 36 views

CVE-2016-1851

The Screen Lock feature in Apple OS X before 10.11.5 mishandles password profiles, which allows physically proximate attackers to reset expired passwords in the lock-screen state via unspecified vectors.

CVSS 4.6 | AI score 5.5 | EPSS 0.00088

added 2016/07/22 3:0 a.m. | 36 views

CVE-2016-4646

Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file.

CVSS 6.5 | AI score 6.8 | EPSS 0.00535

added 2016/07/22 2:59 a.m. | 35 views

CVE-2016-4633

Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

CVSS 7.8 | AI score 8.4 | EPSS 0.0005

added 2016/09/25 10:59 a.m. | 35 views

CVE-2016-4716

diskutil in DiskArbitration in Apple OS X before 10.12 allows local users to gain privileges via unspecified vectors.

CVSS 7.8 | AI score 7.7 | EPSS 0.00049

Total number of security vulnerabilities: 220