Apple

macOS X

3207 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2012-1147

  • EPSS 1.09%
  • Published 03.07.2012 19:55:02
  • Last modified 11.04.2025 00:51:21

readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.

5

CVE-2012-1148

  • EPSS 1.44%
  • Published 03.07.2012 19:55:02
  • Last modified 11.04.2025 00:51:21

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation...

9.8

CVE-2012-1823

Warning Exploit
  • EPSS 94.39%
  • Published 11.05.2012 10:15:48
  • Last modified 11.04.2025 00:51:21

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by ...

2.1

CVE-2012-0657

  • EPSS 0.06%
  • Published 11.05.2012 03:49:59
  • Last modified 11.04.2025 00:51:21

Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS Visualizer screensaver is enabled, allows physically proximate attackers to bypass screen locking and launch a Safari process via unspecified vectors.

6.8

CVE-2012-0658

  • EPSS 1.91%
  • Published 11.05.2012 03:49:59
  • Last modified 11.04.2025 00:51:21

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded.

6.8

CVE-2012-0659

  • EPSS 1.78%
  • Published 11.05.2012 03:49:59
  • Last modified 11.04.2025 00:51:21

Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.

6.8

CVE-2012-0660

  • EPSS 1.78%
  • Published 11.05.2012 03:49:59
  • Last modified 11.04.2025 00:51:21

Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.

6.8

CVE-2012-0661

  • EPSS 1.31%
  • Published 11.05.2012 03:49:59
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.

7.5

CVE-2012-0662

  • EPSS 1.75%
  • Published 11.05.2012 03:49:59
  • Last modified 11.04.2025 00:51:21

Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.

4.3

CVE-2012-0675

  • EPSS 0.51%
  • Published 11.05.2012 03:49:59
  • Last modified 11.04.2025 00:51:21

Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume.