Total
5524 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-0398 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-19 | 7.5 HIGH | N/A |
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | |||||
CVE-2006-0399 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-19 | 7.5 HIGH | N/A |
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | |||||
CVE-2006-0400 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-19 | 7.5 HIGH | N/A |
CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to bypass the same-origin policy and execute Javascript in other domains via unknown vectors involving "crafted archives." | |||||
CVE-2006-0401 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-19 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in Mac OS X before 10.4.6, when running on an Intel-based computer, allows attackers with physical access to bypass the firmware password and log on in Single User Mode via unspecified vectors. | |||||
CVE-2016-7585 | 1 Apple | 1 Mac Os X | 2017-07-11 | 2.1 LOW | 6.8 MEDIUM |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter. | |||||
CVE-2017-2388 | 1 Apple | 1 Mac Os X | 2017-07-11 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
CVE-2017-2398 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2017-2403 | 1 Apple | 1 Mac Os X | 2017-07-11 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Printing" component. A format-string vulnerability allows remote attackers to execute arbitrary code via a crafted ipp: or ipps: URL. | |||||
CVE-2017-2408 | 1 Apple | 1 Mac Os X | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOATAFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2017-2409 | 1 Apple | 1 Mac Os X | 2017-07-11 | 5.8 MEDIUM | 7.1 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Menus" component. It allows attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted app. | |||||
CVE-2017-2410 | 1 Apple | 1 Mac Os X | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
CVE-2017-2426 | 1 Apple | 1 Mac Os X | 2017-07-11 | 4.3 MEDIUM | 3.3 LOW |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "iBooks" component. It allows remote attackers to obtain sensitive information from local files via a file: URL in an iBooks file. | |||||
CVE-2017-2413 | 1 Apple | 1 Mac Os X | 2017-07-11 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "QuickTime" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted media file. | |||||
CVE-2017-2418 | 1 Apple | 1 Mac Os X | 2017-07-11 | 2.1 LOW | 6.5 MEDIUM |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Hypervisor" component. It allows guest OS users to obtain sensitive information from the CR8 control register via unspecified vectors. | |||||
CVE-2017-2420 | 1 Apple | 1 Mac Os X | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2017-2422 | 1 Apple | 1 Mac Os X | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2017-2431 | 1 Apple | 1 Mac Os X | 2017-07-11 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "CoreMedia" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .mov file. | |||||
CVE-2017-2436 | 1 Apple | 1 Mac Os X | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2017-2437 | 1 Apple | 1 Mac Os X | 2017-07-11 | 7.2 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | |||||
CVE-2017-2438 | 1 Apple | 1 Mac Os X | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleRAID" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. |