VYPR

Mac OS X

by Apple Inc.

CVEs (2,090)

  • CVE-2014-4388HigSep 18, 2014
    risk 0.51cvss 7.8epss 0.02

    IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different…

  • CVE-2014-4375HigSep 18, 2014
    risk 0.51cvss 7.8epss 0.00

    Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.

  • CVE-2010-0036HigJan 20, 2010
    risk 0.51cvss 7.8epss 0.04

    Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file.

  • CVE-2007-4268HigNov 15, 2007
    risk 0.51cvss 7.8epss 0.01

    Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation but is later interpreted as…

  • CVE-2007-3749HigNov 15, 2007
    risk 0.51cvss 7.8epss 0.00

    The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thread Exception Port when executing a setuid program, which allows local users to execute arbitrary code by creating the port before launching the setuid program, then writing to…

  • CVE-2016-4447HigJun 9, 2016
    risk 0.50cvss 7.5epss 0.14

    The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.

  • CVE-2016-1757HigMar 24, 2016
    risk 0.50cvss 7.0epss 0.13

    Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2006-4095HigSep 6, 2006
    risk 0.50cvss 7.5epss 0.13

    BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

  • CVE-2004-0079HigNov 23, 2004
    risk 0.50cvss 7.5epss 0.10

    The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

  • CVE-2012-5366HigFeb 20, 2020
    risk 0.49cvss 7.5epss 0.02

    The IPv6 implementation in Apple Mac OS X (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.

  • CVE-2017-13878HigDec 25, 2017
    risk 0.49cvss 7.1epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read and system crash).

  • CVE-2017-13871HigDec 25, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Mail" component. It allows remote attackers to read cleartext e-mail content (for which S/MIME encryption was intended) by leveraging the lack of installation of an…

  • CVE-2017-7086HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a denial of service (resource…

  • CVE-2017-7080HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended certificate-trust…

  • CVE-2017-6979HigMay 22, 2017
    risk 0.49cvss 7.0epss 0.04

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "IOSurface" component. A race condition allows attackers to execute…

  • CVE-2017-2533HigMay 22, 2017
    risk 0.49cvss 7.0epss 0.04

    An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "DiskArbitration" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2017-2501HigMay 22, 2017
    risk 0.49cvss 7.0epss 0.04

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary…

  • CVE-2017-2478HigApr 2, 2017
    risk 0.49cvss 7.0epss 0.05

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code…

  • CVE-2017-2461HigApr 2, 2017
    risk 0.49cvss 7.5epss 0.03

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service…

  • CVE-2017-2456HigApr 2, 2017
    risk 0.49cvss 7.0epss 0.04

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code…

Page 19 of 105