CVE |
Vendors |
Products |
Updated |
CVSS |
CVE-2008-2314 |
1 Apple |
2 Mac Os X, Mac Os X Server |
2019-10-10 |
4.4 |
Dock in Apple Mac OS X 10.5 before 10.5.4, when Expos? hot corners is enabled, allows physically proximate attackers to gain access to a locked session in (1) sleep mode or (2) screen saver mode via unspecified vectors. |
CVE-2015-4000 |
12 Google, Openssl, Apple and 9 more |
25 Safari, Network Security Services, Ie and 22 more |
2019-10-09 |
4.3 |
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a... |
CVE-2015-2301 |
7 Apple, Php, Canonical and 4 more |
12 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 9 more |
2019-10-09 |
7.5 |
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger... |
CVE-2015-1352 |
2 Apple, Php |
2 Mac Os X, Php |
2019-10-09 |
5.0 |
The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service (NULL pointer dereference and... |
CVE-2014-3566 |
11 Openssl, Apple, Redhat and 8 more |
21 Vios, Suse Linux Enterprise Software Development Kit, Aix and 18 more |
2019-10-09 |
4.3 |
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. |
CVE-2017-13886 |
1 Apple |
1 Mac Os X |
2019-10-03 |
4.0 |
In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. This issue was addressed with additional restrictions. |
CVE-2017-2423 |
1 Apple |
2 Mac Os X, Iphone Os |
2019-10-03 |
7.5 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended access restrictions by leveraging a... |
CVE-2017-13828 |
1 Apple |
1 Mac Os X |
2019-10-03 |
4.3 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Fonts" component. It allows remote attackers to spoof the user interface via crafted text. |
CVE-2017-7078 |
1 Apple |
2 Iphone Os, Mac Os X |
2019-10-03 |
5.0 |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sensitive information by reading unintended... |
CVE-2017-7070 |
1 Apple |
1 Mac Os X |
2019-10-03 |
4.6 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows physically proximate attackers to bypass the screen-locking protection mechanism that should have been in... |
CVE-2018-4173 |
1 Apple |
2 Iphone Os, Mac Os X |
2019-10-03 |
4.3 |
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Status Bar" component. It allows invisible microphone access via a crafted app. |
CVE-2017-2402 |
1 Apple |
1 Mac Os X |
2019-10-03 |
7.5 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of profile uninstall actions in the "MCX Client" component when a profile has multiple payloads. It allows remote attackers to... |
CVE-2018-4131 |
1 Apple |
2 Iphone Os, Mac Os X |
2019-10-03 |
4.3 |
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log... |
CVE-2017-13871 |
1 Apple |
1 Mac Os X |
2019-10-03 |
5.0 |
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Mail" component. It allows remote attackers to read cleartext e-mail content (for which S/MIME encryption was intended) by leveraging the... |
CVE-2018-4151 |
1 Apple |
2 Iphone Os, Mac Os X |
2019-10-03 |
7.6 |
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "iCloud Drive" component. A race condition allows attackers to execute arbitrary code in a privileged context... |
CVE-2018-4154 |
1 Apple |
2 Iphone Os, Mac Os X |
2019-10-03 |
7.6 |
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Storage" component. A race condition allows attackers to execute arbitrary code in a privileged context via... |
CVE-2017-2417 |
1 Apple |
5 Mac Os X, Iphone Os, Apple Tv and 2 more |
2019-10-03 |
4.3 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote... |
CVE-2018-4310 |
1 Apple |
2 Iphone Os, Mac Os X |
2019-10-03 |
7.5 |
An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14. |
CVE-2018-4156 |
1 Apple |
2 Iphone Os, Mac Os X |
2019-10-03 |
7.6 |
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "PluginKit" component. A race condition allows attackers to execute arbitrary code in a privileged context... |
CVE-2017-2381 |
1 Apple |
1 Mac Os X |
2019-10-03 |
6.5 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "sudo" component. It allows remote authenticated users to gain privileges by leveraging membership in the admin group on a network... |