Apple

macOS X

3207 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.92%
  • Veröffentlicht 25.09.2016 10:59:48
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CF_RETURNS_RETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering key derivation.

  • EPSS 1.33%
  • Veröffentlicht 25.09.2016 10:59:46
  • Zuletzt bearbeitet 06.05.2026 22:30:45

S2 Camera in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • EPSS 0.31%
  • Veröffentlicht 25.09.2016 10:59:45
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Perl in Apple OS X before 10.12 allows local users to bypass the taint-mode protection mechanism via a crafted environment variable.

  • EPSS 1.76%
  • Veröffentlicht 25.09.2016 10:59:44
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Kerberos 5 (aka krb5) PAM module in Apple OS X before 10.12 does not use constant-time operations for determining username validity, which makes it easier for remote attackers to enumerate user accounts via a timing side-channel attack.

  • EPSS 0.9%
  • Veröffentlicht 25.09.2016 10:59:43
  • Zuletzt bearbeitet 06.05.2026 22:30:45

NSSecureTextField in Apple OS X before 10.12 does not enable Secure Input, which allows attackers to discover credentials via a crafted app.

  • EPSS 1.5%
  • Veröffentlicht 25.09.2016 10:59:42
  • Zuletzt bearbeitet 06.05.2026 22:30:45

mDNSResponder in Apple OS X before 10.12, when VMnet.framework is used, arranges for a DNS proxy to listen on all interfaces, which allows remote attackers to obtain sensitive information by sending a DNS query to an unintended interface.

  • EPSS 4.15%
  • Veröffentlicht 25.09.2016 10:59:41
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

  • EPSS 2.61%
  • Veröffentlicht 25.09.2016 10:59:39
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libarchive in Apple OS X before 10.12 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted file.

  • EPSS 1.33%
  • Veröffentlicht 25.09.2016 10:59:31
  • Zuletzt bearbeitet 06.05.2026 22:30:45

IOThunderboltFamily in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • EPSS 1.57%
  • Veröffentlicht 25.09.2016 10:59:30
  • Zuletzt bearbeitet 06.05.2026 22:30:45

IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.