Filtered by vendor Apple
Subscribe
Total
11572 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-5192 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.9 MEDIUM | N/A |
| The USB hub controller in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a request with a crafted (1) port or (2) port number. | |||||
| CVE-2013-5191 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.1 LOW | N/A |
| The syslog implementation in Apple Mac OS X before 10.9 allows local users to obtain sensitive information by leveraging access to the Guest account and reading console-log messages from previous Guest sessions. | |||||
| CVE-2013-5190 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.3 MEDIUM | N/A |
| Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service (Smart Card usage outage) by interfering with the revocation-check procedure. | |||||
| CVE-2013-5189 | 1 Apple | 1 Mac Os X | 2024-11-21 | 5.8 MEDIUM | N/A |
| Apple Mac OS X before 10.9 does not preserve a certain administrative system-preferences setting across software updates, which allows context-dependent attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended security configuration after the completion of an update. | |||||
| CVE-2013-5188 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.0 MEDIUM | N/A |
| The Screen Lock implementation in Apple Mac OS X before 10.9, when hibernation and autologin are enabled, does not require a password for a transition out of hibernation, which allows physically proximate attackers to obtain access by visiting an unattended workstation in the hibernating state. | |||||
| CVE-2013-5187 | 1 Apple | 1 Mac Os X | 2024-11-21 | 1.9 LOW | N/A |
| The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a certain timeout setting, which allows physically proximate attackers to obtain sensitive information by reading a screen that should have transitioned into the locked state. | |||||
| CVE-2013-5186 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.1 LOW | N/A |
| Power Management in Apple Mac OS X before 10.9 does not properly handle the interaction between locking and power assertions, which allows physically proximate attackers to obtain sensitive information by reading a screen that should have transitioned into the locked state. | |||||
| CVE-2013-5185 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.3 MEDIUM | N/A |
| The ldapsearch command-line program in OpenLDAP in Apple Mac OS X before 10.9 does not properly process the minssf configuration setting, which allows remote attackers to obtain sensitive information by leveraging unintended weak encryption and sniffing the network. | |||||
| CVE-2013-5184 | 1 Apple | 1 Mac Os X | 2024-11-21 | 5.7 MEDIUM | N/A |
| The kernel in Apple Mac OS X before 10.9 does not properly check for errors during the processing of multicast Wi-Fi packets, which allows remote attackers to cause a denial of service (system crash) by leveraging presence in an 802.11 network's coverage area. | |||||
| CVE-2013-5183 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.6 LOW | N/A |
| Mail in Apple Mac OS X before 10.9, when Kerberos authentication is enabled and TLS is disabled, sends invalid cleartext data, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2013-5182 | 1 Apple | 1 Mac Os X | 2024-11-21 | 5.0 MEDIUM | N/A |
| Mail in Apple Mac OS X before 10.9 allows remote attackers to spoof the existence of a cryptographic signature for an e-mail message by using the multipart/signed content type within an unsigned message. | |||||
| CVE-2013-5181 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.3 MEDIUM | N/A |
| The auto-configuration feature in Mail in Apple Mac OS X before 10.9 selects plaintext authentication for unspecified servers that support CRAM-MD5 authentication, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2013-5180 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.3 MEDIUM | N/A |
| The srandomdev function in Libc in Apple Mac OS X before 10.9, when the kernel random-number generator is unavailable, produces predictable values instead of the intended random values, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of these values, related to a compiler-optimization issue. | |||||
| CVE-2013-5179 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.5 HIGH | N/A |
| App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass intended sandbox restrictions via a crafted app that uses the LaunchServices interface to specify process arguments. | |||||
| CVE-2013-5178 | 1 Apple | 1 Mac Os X | 2024-11-21 | 5.0 MEDIUM | N/A |
| LaunchServices in Apple Mac OS X before 10.9 does not properly restrict Unicode characters in filenames, which allows context-dependent attackers to spoof file extensions via a crafted character sequence. | |||||
| CVE-2013-5177 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.9 MEDIUM | N/A |
| The kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (panic) via an invalid iovec structure. | |||||
| CVE-2013-5176 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.9 MEDIUM | N/A |
| The kernel in Apple Mac OS X before 10.9 does not properly handle integer values during unspecified tty device operations, which allows local users to cause a denial of service (system hang) by triggering a truncation error. | |||||
| CVE-2013-5175 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.6 MEDIUM | N/A |
| The kernel in Apple Mac OS X before 10.9 allows local users to obtain sensitive information or cause a denial of service (out-of-bounds read and system crash) via a crafted Mach-O file. | |||||
| CVE-2013-5174 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.9 MEDIUM | N/A |
| Integer signedness error in the kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a crafted tty read operation. | |||||
| CVE-2013-5173 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.1 LOW | N/A |
| The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy exclusive access for processing of large requests, which allows local users to cause a denial of service (temporary generator outage) via an application that requires many random numbers. | |||||