VYPR

Spotlight

by Apple Inc.

CVEs (2)

  • CVE-2014-8839Jan 30, 2015
    risk 0.00cvss epss 0.02

    Spotlight in Apple OS X before 10.10.2 does not enforce the Mail "Load remote content in messages" configuration, which allows remote attackers to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requests for this image's…

  • CVE-2009-2840Nov 10, 2009
    risk 0.00cvss epss 0.00

    Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary files, which allows local users to overwrite arbitrary files in the context of a different user's privileges via unspecified vectors.