Vulnerabilities (CVE)

Vendor filter

Apple Subscribe

Product filter

Mac Os X Subscribe

Filter

2154 total CVE
CVE Vendors Products Updated CVSS
CVE-2008-2314 1 Apple 2 Mac Os X, Mac Os X Server 2019-10-10 4.4
Dock in Apple Mac OS X 10.5 before 10.5.4, when Expos? hot corners is enabled, allows physically proximate attackers to gain access to a locked session in (1) sleep mode or (2) screen saver mode via unspecified vectors.
CVE-2015-4000 12 Google, Openssl, Apple and 9 more 25 Safari, Network Security Services, Ie and 22 more 2019-10-09 4.3
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a...
CVE-2015-2301 7 Apple, Php, Canonical and 4 more 12 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 9 more 2019-10-09 7.5
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger...
CVE-2015-1352 2 Apple, Php 2 Mac Os X, Php 2019-10-09 5.0
The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service (NULL pointer dereference and...
CVE-2014-3566 11 Openssl, Apple, Redhat and 8 more 21 Vios, Suse Linux Enterprise Software Development Kit, Aix and 18 more 2019-10-09 4.3
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
CVE-2017-13886 1 Apple 1 Mac Os X 2019-10-03 4.0
In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. This issue was addressed with additional restrictions.
CVE-2017-2423 1 Apple 2 Mac Os X, Iphone Os 2019-10-03 7.5
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended access restrictions by leveraging a...
CVE-2017-13828 1 Apple 1 Mac Os X 2019-10-03 4.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Fonts" component. It allows remote attackers to spoof the user interface via crafted text.
CVE-2017-7078 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 5.0
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sensitive information by reading unintended...
CVE-2017-7070 1 Apple 1 Mac Os X 2019-10-03 4.6
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows physically proximate attackers to bypass the screen-locking protection mechanism that should have been in...
CVE-2018-4173 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 4.3
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Status Bar" component. It allows invisible microphone access via a crafted app.
CVE-2017-2402 1 Apple 1 Mac Os X 2019-10-03 7.5
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of profile uninstall actions in the "MCX Client" component when a profile has multiple payloads. It allows remote attackers to...
CVE-2018-4131 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 4.3
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log...
CVE-2017-13871 1 Apple 1 Mac Os X 2019-10-03 5.0
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Mail" component. It allows remote attackers to read cleartext e-mail content (for which S/MIME encryption was intended) by leveraging the...
CVE-2018-4151 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 7.6
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "iCloud Drive" component. A race condition allows attackers to execute arbitrary code in a privileged context...
CVE-2018-4154 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 7.6
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Storage" component. A race condition allows attackers to execute arbitrary code in a privileged context via...
CVE-2017-2417 1 Apple 5 Mac Os X, Iphone Os, Apple Tv and 2 more 2019-10-03 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote...
CVE-2018-4310 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 7.5
An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.
CVE-2018-4156 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 7.6
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "PluginKit" component. A race condition allows attackers to execute arbitrary code in a privileged context...
CVE-2017-2381 1 Apple 1 Mac Os X 2019-10-03 6.5
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "sudo" component. It allows remote authenticated users to gain privileges by leveraging membership in the admin group on a network...