VYPR

Mac OS X

by Apple Inc.

CVEs (2,090)

  • CVE-2016-4715LowSep 25, 2016
    risk 0.22cvss 3.3epss 0.01

    The Date & Time Pref Pane component in Apple OS X before 10.12 mishandles the .GlobalPreferences file, which allows attackers to discover a user's location via a crafted app.

  • CVE-2016-1798LowMay 20, 2016
    risk 0.22cvss 3.3epss 0.01

    Audio in Apple OS X before 10.11.5 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2016-1796LowMay 20, 2016
    risk 0.22cvss 3.3epss 0.01

    Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds memory access) via a crafted app.

  • CVE-2016-1791LowMay 20, 2016
    risk 0.22cvss 3.3epss 0.01

    The AMD subsystem in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

  • CVE-2016-1758LowMar 24, 2016
    risk 0.22cvss 3.3epss 0.01

    The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app.

  • CVE-2016-1748LowMar 24, 2016
    risk 0.22cvss 3.3epss 0.01

    IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

  • CVE-2014-4407LowSep 18, 2014
    risk 0.22cvss 3.3epss 0.01

    IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.

  • CVE-2017-13801LowNov 13, 2017
    risk 0.21cvss 3.3epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Dictionary Widget" component. It allows attackers to read local files if pasted text is used in a search.

  • CVE-2017-7138LowOct 23, 2017
    risk 0.21cvss 3.3epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Directory Utility" component. It allows local users to discover the Apple ID of the computer's owner.

  • CVE-2016-7714LowFeb 20, 2017
    risk 0.21cvss 3.3epss 0.00

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via…

  • CVE-2016-7625LowFeb 20, 2017
    risk 0.21cvss 3.3epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.

  • CVE-2016-7624LowFeb 20, 2017
    risk 0.21cvss 3.3epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOAcceleratorFamily" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.

  • CVE-2016-7620LowFeb 20, 2017
    risk 0.21cvss 3.3epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOSurface" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.

  • CVE-2016-4670LowFeb 20, 2017
    risk 0.21cvss 3.3epss 0.00

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths of arbitrary passwords by reading a log.

  • CVE-2016-4645LowJul 22, 2016
    risk 0.21cvss 3.3epss 0.00

    CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors.

  • CVE-2016-1862LowJun 19, 2016
    risk 0.21cvss 3.3epss 0.01

    Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860.

  • CVE-2016-1860LowJun 19, 2016
    risk 0.21cvss 3.3epss 0.01

    Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862.

  • CVE-2016-1773LowMar 24, 2016
    risk 0.21cvss 3.3epss 0.00

    The code-signing subsystem in Apple OS X before 10.11.4 does not properly verify file ownership, which allows local users to determine the existence of arbitrary files via unspecified vectors.

  • CVE-2017-7082LowOct 23, 2017
    risk 0.16cvss 2.4epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Screen Lock" component. It allows physically proximate attackers to read Application Firewall prompts.

  • CVE-2015-0235Jan 28, 2015
    risk 0.11cvss epss 0.95

    Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Page 29 of 105