Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-5180 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The srandomdev function in Libc in Apple Mac OS X before 10.9, when the kernel random-number generator is unavailable, produces predictable values instead of the intended random values, which makes it easier for context-...Show more The srandomdev function in Libc in Apple Mac OS X before 10.9, when the kernel random-number generator is unavailable, produces predictable values instead of the intended random values, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of these values, related to a compiler-optimization issue.Show less
CVE-2013-5179 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 7.5 HIGH· v2 App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass intended sandbox restrictions via a crafted app that uses the LaunchServices interface to specify process arguments.
CVE-2013-5178 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 LaunchServices in Apple Mac OS X before 10.9 does not properly restrict Unicode characters in filenames, which allows context-dependent attackers to spoof file extensions via a crafted character sequence.
CVE-2013-5177 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (panic) via an invalid iovec structure.
CVE-2013-5176 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The kernel in Apple Mac OS X before 10.9 does not properly handle integer values during unspecified tty device operations, which allows local users to cause a denial of service (system hang) by triggering a truncation er...Show more The kernel in Apple Mac OS X before 10.9 does not properly handle integer values during unspecified tty device operations, which allows local users to cause a denial of service (system hang) by triggering a truncation error.Show less
CVE-2013-5175 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 6.6 MEDIUM· v2 The kernel in Apple Mac OS X before 10.9 allows local users to obtain sensitive information or cause a denial of service (out-of-bounds read and system crash) via a crafted Mach-O file.
CVE-2013-5174 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Integer signedness error in the kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a crafted tty read operation.
CVE-2013-5173 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 2.1 LOW· v2 The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy exclusive access for processing of large requests, which allows local users to cause a denial of service (temporary generator outag...Show more The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy exclusive access for processing of large requests, which allows local users to cause a denial of service (temporary generator outage) via an application that requires many random numbers.Show less
CVE-2013-5172 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 7.1 HIGH· v2 The kernel in Apple Mac OS X before 10.9 does not properly determine the output length for SHA-2 digest function calls, which allows context-dependent attackers to cause a denial of service (panic) by triggering a digest...Show more The kernel in Apple Mac OS X before 10.9 does not properly determine the output length for SHA-2 digest function calls, which allows context-dependent attackers to cause a denial of service (panic) by triggering a digest operation, as demonstrated by an IPSec connection.Show less
CVE-2013-5171 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 3.3 LOW· v2 CoreGraphics in Apple Mac OS X before 10.9 allows local users to bypass secure input mode and log an arbitrary application's keystrokes via a hotkey event registration.
CVE-2013-5170 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Buffer underflow in CoreGraphics in Apple Mac OS X before 10.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2013-5169 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 1.9 LOW· v2 CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physically proximate attackers to obtain sensitive infor...Show more CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physically proximate attackers to obtain sensitive information by reading the screen.Show less
CVE-2013-5168 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Console in Apple Mac OS X before 10.9 allows user-assisted remote attackers to execute arbitrary applications by triggering a log entry with a crafted attached URL.
CVE-2013-5167 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 CFNetwork in Apple Mac OS X before 10.9 does not properly support Safari's deletion of session cookies in response to a reset operation, which makes it easier for remote web servers to track users via Set-Cookie HTTP hea...Show more CFNetwork in Apple Mac OS X before 10.9 does not properly support Safari's deletion of session cookies in response to a reset operation, which makes it easier for remote web servers to track users via Set-Cookie HTTP headers.Show less
CVE-2013-5166 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The Bluetooth USB host controller in Apple Mac OS X before 10.9 prematurely deletes interfaces, which allows local users to cause a denial of service (system crash) via a crafted application.
CVE-2013-5165 1Apple 1Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 6.4 MEDIUM· v2 socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 does not properly implement the --blockApp option, which allows remote attackers to bypass intended access restrictions via a network connection to an...Show more socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 does not properly implement the --blockApp option, which allows remote attackers to bypass intended access restrictions via a network connection to an application for which blocking was configured.Show less
CVE-2013-5135 1Apple 2Apple Remote Desktop Mac Os X Apr 29, 2026 Oct 24, 2013 N/A· v4 N/A· v3 7.5 HIGH· v2 Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username.
CVE-2013-5163 1Apple 1Mac Os X Apr 29, 2026 Oct 4, 2013 N/A· v4 N/A· v3 6.6 MEDIUM· v2 Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update allows local users to bypass password-based authentication and modify arbitrary Directory Services records via unspecified vectors.
CVE-2011-2391 1Apple 3Iphone Os ItunesMac Os X Apr 29, 2026 Sep 19, 2013 N/A· v4 N/A· v3 6.1 MEDIUM· v2 The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets.
CVE-2013-1824 3Apple PhpRedhat 3Enterprise Linux Mac Os XPhp Apr 29, 2026 Sep 16, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, rel...Show more The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions.Show less

Previous 1...115116117...161 Next