Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AppleMac Os X10.8.3

67 matches found

CVE
CVEadded 2013/10/24 3:48 a.m.40 views

CVE-2013-5190

Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service (Smart Card usage outage) by interfering with the revocation-check procedure.

4.3CVSS6.3AI score0.00366EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.40 views

CVE-2013-5191

The syslog implementation in Apple Mac OS X before 10.9 allows local users to obtain sensitive information by leveraging access to the Guest account and reading console-log messages from previous Guest sessions.

2.1CVSS5.3AI score0.00131EPSS
CVE
CVEadded 2013/06/05 2:39 p.m.39 views

CVE-2013-3954

The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service (panic) via a size value that is inconsistent with a header count field, or (2) obtain sensitive in...

6.9CVSS5.8AI score0.00116EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.39 views

CVE-2013-5172

The kernel in Apple Mac OS X before 10.9 does not properly determine the output length for SHA-2 digest function calls, which allows context-dependent attackers to cause a denial of service (panic) by triggering a digest operation, as demonstrated by an IPSec connection.

7.1CVSS6AI score0.00525EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.39 views

CVE-2013-5184

The kernel in Apple Mac OS X before 10.9 does not properly check for errors during the processing of multicast Wi-Fi packets, which allows remote attackers to cause a denial of service (system crash) by leveraging presence in an 802.11 network's coverage area.

5.7CVSS6.2AI score0.00503EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.39 views

CVE-2013-5187

The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a certain timeout setting, which allows physically proximate attackers to obtain sensitive information by reading a screen that shoul...

1.9CVSS5.5AI score0.00131EPSS
CVE
CVEadded 2014/07/01 10:17 a.m.39 views

CVE-2014-1377

Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application.

10CVSS7.1AI score0.01343EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.38 views

CVE-2013-5178

LaunchServices in Apple Mac OS X before 10.9 does not properly restrict Unicode characters in filenames, which allows context-dependent attackers to spoof file extensions via a crafted character sequence.

5CVSS5.8AI score0.00351EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.38 views

CVE-2013-5189

Apple Mac OS X before 10.9 does not preserve a certain administrative system-preferences setting across software updates, which allows context-dependent attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended security configuration after the compl...

5.8CVSS6.2AI score0.0017EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.37 views

CVE-2013-5165

socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 does not properly implement the --blockApp option, which allows remote attackers to bypass intended access restrictions via a network connection to an application for which blocking was configured.

6.4CVSS6.2AI score0.00154EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.37 views

CVE-2013-5182

Mail in Apple Mac OS X before 10.9 allows remote attackers to spoof the existence of a cryptographic signature for an e-mail message by using the multipart/signed content type within an unsigned message.

5CVSS6.2AI score0.00345EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.36 views

CVE-2013-5167

CFNetwork in Apple Mac OS X before 10.9 does not properly support Safari's deletion of session cookies in response to a reset operation, which makes it easier for remote web servers to track users via Set-Cookie HTTP headers.

5CVSS6.3AI score0.00351EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.36 views

CVE-2013-5173

The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy exclusive access for processing of large requests, which allows local users to cause a denial of service (temporary generator outage) via an application that requires many random numbers.

2.1CVSS5.9AI score0.00131EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.36 views

CVE-2013-5183

Mail in Apple Mac OS X before 10.9, when Kerberos authentication is enabled and TLS is disabled, sends invalid cleartext data, which allows remote attackers to obtain sensitive information by sniffing the network.

2.6CVSS5.9AI score0.00443EPSS
CVE
CVEadded 2013/06/05 2:39 p.m.35 views

CVE-2013-3952

The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in Apple Mac OS X 10.8.x allows local users to defeat the KASLR protection mechanism via the PROC_PIDFDPIPEINFO option to the proc_info system call for a kernel pipe handle.

2.1CVSS5.8AI score0.00133EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.35 views

CVE-2013-5169

CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physically proximate attackers to obtain sensitive information by reading the screen.

1.9CVSS5.4AI score0.00131EPSS
CVE
CVEadded 2013/10/24 3:48 a.m.35 views

CVE-2013-5175

The kernel in Apple Mac OS X before 10.9 allows local users to obtain sensitive information or cause a denial of service (out-of-bounds read and system crash) via a crafted Mach-O file.

6.6CVSS5.7AI score0.00138EPSS
Total number of security vulnerabilities67