VYPR

Mac OS X

by Apple Inc.

CVEs (2,090)

  • CVE-2017-13860MedDec 25, 2017
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "Mail Drafts" component. It allows man-in-the-middle attackers to read e-mail content by leveraging mishandling of S/MIME credential…

  • CVE-2017-6988MedMay 22, 2017
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "802.1X" component. It allows remote attackers to discover the network credentials of arbitrary users by operating a crafted network that requires 802.1X authentication,…

  • CVE-2017-2448MedApr 2, 2017
    risk 0.38cvss 5.9epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. The issue involves the "Keychain" component. It allows man-in-the-middle attackers to bypass an iCloud Keychain secret protection…

  • CVE-2016-7636MedFeb 20, 2017
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Security" component, which allows man-in-the-middle attackers to cause a denial of service (application…

  • CVE-2016-7579MedFeb 20, 2017
    risk 0.38cvss 5.9epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "CFNetwork Proxies" component, which allows man-in-the-middle attackers to spoof a proxy password…

  • CVE-2016-4721MedFeb 20, 2017
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "IDS - Connectivity" component, which allows man-in-the-middle attackers to spoof calls via a "switch caller" notification.

  • CVE-2016-4722MedSep 25, 2016
    risk 0.38cvss 5.9epss 0.02

    The IDS - Connectivity component in Apple iOS before 10 and OS X before 10.12 allows man-in-the-middle attackers to conduct Call Relay spoofing attacks and cause a denial of service via unspecified vectors.

  • CVE-2015-3195MedDec 6, 2015
    risk 0.38cvss 5.3epss 0.39

    The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information…

  • CVE-2011-0199MedJun 24, 2011
    risk 0.38cvss 5.9epss 0.01

    The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate.

  • CVE-2017-13842MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

  • CVE-2017-13841MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

  • CVE-2017-13840MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

  • CVE-2017-13836MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

  • CVE-2017-13828MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Fonts" component. It allows remote attackers to spoof the user interface via crafted text.

  • CVE-2017-13823MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "QuickTime" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

  • CVE-2017-13822MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

  • CVE-2017-13821MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFString" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

  • CVE-2017-13818MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

  • CVE-2017-13817MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.00

    An out-of-bounds read issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users to bypass intended memory-read restrictions.

  • CVE-2017-13810MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users to obtain sensitive information by leveraging an error in packet counters.

Page 24 of 105