Apple

macOS X

3207 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2013-5176

  • EPSS 0.14%
  • Published 24.10.2013 03:48:49
  • Last modified 11.04.2025 00:51:21

The kernel in Apple Mac OS X before 10.9 does not properly handle integer values during unspecified tty device operations, which allows local users to cause a denial of service (system hang) by triggering a truncation error.

4.9

CVE-2013-5177

  • EPSS 0.14%
  • Published 24.10.2013 03:48:49
  • Last modified 11.04.2025 00:51:21

The kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (panic) via an invalid iovec structure.

7.5

CVE-2013-5135

  • EPSS 3.06%
  • Published 24.10.2013 03:48:48
  • Last modified 11.04.2025 00:51:21

Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username.

6.4

CVE-2013-5165

  • EPSS 0.15%
  • Published 24.10.2013 03:48:48
  • Last modified 11.04.2025 00:51:21

socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 does not properly implement the --blockApp option, which allows remote attackers to bypass intended access restrictions via a network connection to an application for which blocking...

4.9

CVE-2013-5166

  • EPSS 0.14%
  • Published 24.10.2013 03:48:48
  • Last modified 11.04.2025 00:51:21

The Bluetooth USB host controller in Apple Mac OS X before 10.9 prematurely deletes interfaces, which allows local users to cause a denial of service (system crash) via a crafted application.

6.6

CVE-2013-5163

  • EPSS 0.04%
  • Published 04.10.2013 10:44:07
  • Last modified 11.04.2025 00:51:21

Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update allows local users to bypass password-based authentication and modify arbitrary Directory Services records via unspecified vectors.

6.1

CVE-2011-2391

  • EPSS 1.13%
  • Published 19.09.2013 10:27:53
  • Last modified 11.04.2025 00:51:21

The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets.

4.3

CVE-2013-1824

  • EPSS 1.67%
  • Published 16.09.2013 13:02:34
  • Last modified 11.04.2025 00:51:21

The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity...

6.8

CVE-2013-1026

  • EPSS 1.01%
  • Published 16.09.2013 13:02:32
  • Last modified 11.04.2025 00:51:21

Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document.

6.8

CVE-2013-1027

  • EPSS 3.51%
  • Published 16.09.2013 13:02:32
  • Last modified 11.04.2025 00:51:21

Installer in Apple Mac OS X before 10.8.5 provides an option to continue a package's installation after encountering a revoked certificate, which might allow user-assisted remote attackers to execute arbitrary code via a crafted package.