This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Apple First view 1997-08-01
Product Mac Os X Last view 2021-04-02
Version Type Os
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:* 2145
cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:* 2135
cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:* 2134
cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:* 2121
cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:* 2119
cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:* 2118
cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:* 2114
cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:* 2111
cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:* 2100
cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:* 2098
cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:* 2097
cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:* 2096
cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:* 2095
cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:* 2091
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* 2090
cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:* 2087
cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:* 2087
cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:* 2085
cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:* 2085
cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:* 2081
cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:* 2079
cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:* 2074
cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:* 2073
cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:* 2071
cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:* 2069
cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:* 2068
cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:* 2068
cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:* 2068
cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:* 2068
cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:* 2068
cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:* 2064
cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:* 2063
cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:* 2059
cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:* 2059
cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:* 2058
cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:* 2056
cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:* 2056
cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:* 2055
cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:* 2055
cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:* 2054
cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:* 2054
cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:* 2053
cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:* 2053
cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:* 2052
cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:* 2052
cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:* 2052
cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:* 2052
cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:* 2052
cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:* 2040
cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:* 2037

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.8 2021-04-02 CVE-2021-1871

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..

9.8 2021-04-02 CVE-2021-1870

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..

8.8 2021-04-02 CVE-2021-1844

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution.

9.8 2021-04-02 CVE-2021-1818

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

7.5 2021-04-02 CVE-2021-1806

A race condition was addressed with additional validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary code with kernel privileges.

7.8 2021-04-02 CVE-2021-1805

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary code with kernel privileges.

7.8 2021-04-02 CVE-2021-1802

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. A local attacker may be able to elevate their privileges.

7.8 2021-04-02 CVE-2021-1793

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

8.8 2021-04-02 CVE-2021-1792

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.

5.5 2021-04-02 CVE-2021-1791

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application may be able to disclose kernel memory.

7.8 2021-04-02 CVE-2021-1790

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted font may lead to arbitrary code execution.

8.8 2021-04-02 CVE-2021-1789

A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8 2021-04-02 CVE-2021-1788

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution.

7.8 2021-04-02 CVE-2021-1787

Multiple issues were addressed with improved logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local attacker may be able to elevate their privileges.

5.5 2021-04-02 CVE-2021-1786

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to create or modify system files.

7.8 2021-04-02 CVE-2021-1785

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8 2021-04-02 CVE-2021-1783

An access issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7 2021-04-02 CVE-2021-1782

A race condition was addressed with improved locking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited..

5.5 2021-04-02 CVE-2021-1781

A privacy issue existed in the handling of Contact cards. This was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A malicious application may be able to leak sensitive user information.

7.8 2021-04-02 CVE-2021-1779

A logic error in kext loading was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. An application may be able to execute arbitrary code with system privileges.

5.5 2021-04-02 CVE-2021-1778

An out-of-bounds read issue existed in the curl. This issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to a denial of service.

7.8 2021-04-02 CVE-2021-1777

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8 2021-04-02 CVE-2021-1776

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted font file may lead to arbitrary code execution.

7.8 2021-04-02 CVE-2021-1775

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted font may lead to arbitrary code execution.

7.8 2021-04-02 CVE-2021-1774

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
34% (778) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
10% (229) CWE-20 Improper Input Validation
9% (205) CWE-200 Information Exposure
6% (151) CWE-264 Permissions, Privileges, and Access Controls
6% (145) CWE-125 Out-of-bounds Read
4% (90) CWE-787 Out-of-bounds Write
3% (68) CWE-189 Numeric Errors
2% (52) CWE-399 Resource Management Errors
2% (49) CWE-416 Use After Free
2% (47) CWE-362 Race Condition
1% (35) CWE-310 Cryptographic Issues
1% (34) CWE-284 Access Control (Authorization) Issues
1% (29) CWE-287 Improper Authentication
1% (29) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
1% (27) CWE-94 Failure to Control Generation of Code ('Code Injection')
0% (22) CWE-476 NULL Pointer Dereference
0% (22) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (19) CWE-254 Security Features
0% (19) CWE-59 Improper Link Resolution Before File Access ('Link Following')
0% (14) CWE-190 Integer Overflow or Wraparound
0% (14) CWE-134 Uncontrolled Format String
0% (13) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (12) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
0% (12) CWE-19 Data Handling
0% (12) CWE-16 Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-6 Argument Injection
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-15 Command Delimiters
CAPEC-17 Accessing, Modifying or Executing Executable Files
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-19 Embedding Scripts within Scripts
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-26 Leveraging Race Conditions
CAPEC-28 Fuzzing
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-37 Lifting Data Embedded in Client Distributions
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:2248 Sun RPC No Timeout Denial of Service on TCP Ports
oval:org.mitre.oval:def:567 BO in Samba call_trans2open Function
oval:org.mitre.oval:def:2163 Samba call_trans2open() Buffer Overflow
oval:org.mitre.oval:def:1970 Off-by-one Error in fb_realpath()
oval:org.mitre.oval:def:595 Potential BO in Ruleset Parsing for Sendmail
oval:org.mitre.oval:def:3606 Sendmail Ruleset Parsing Buffer Overflow
oval:org.mitre.oval:def:603 Sendmail BO in prescan Function
oval:org.mitre.oval:def:572 Sendmail BO in Prescan Function
oval:org.mitre.oval:def:2975 Sendmail prescan function Buffer Overflow
oval:org.mitre.oval:def:9779 The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to...
oval:org.mitre.oval:def:975 Red Hat OpenSSL do_change_cipher_spec Function Denial of Service
oval:org.mitre.oval:def:870 Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service
oval:org.mitre.oval:def:5770 Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability
oval:org.mitre.oval:def:2621 OpenSSL Denial of Service Vulnerabilities
oval:org.mitre.oval:def:902 Red Hat OpenSSL Improper Unknown Message Handling Vulnerability
oval:org.mitre.oval:def:871 Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability
oval:org.mitre.oval:def:11755 OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w...
oval:org.mitre.oval:def:9580 The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin...
oval:org.mitre.oval:def:928 Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability
oval:org.mitre.oval:def:1049 Red Hat OpenSSL Kerberos Handshake Vulnerability
oval:org.mitre.oval:def:8896 Multiple vulnerabilities in the RLE (run length encoding) decoders for libtif...
oval:org.mitre.oval:def:100114 libtiff RLE Decoder Buffer Overflow Vulnerabilities
oval:org.mitre.oval:def:10703 OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and po...
oval:org.mitre.oval:def:9907 Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attacker...
oval:org.mitre.oval:def:100116 libtiff Malloc Error Denial of Service

SAINT Exploits

Description Link
Safari Script Editor AppleScript execution More info here
Samba call_trans2open buffer overflow More info here
OS X rootpipe privilege elevation More info here
Mac OS X rsh Environment Variables Privilege Elevation More info here
MySQL yaSSL SSL Hello message buffer overflow More info here
Safari archive metadata command execution More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78148 Google Chrome libxml2 parser.c xmlStringLenDecodeEntities() Function Remote O...
77203 Apple Mac OS X Multiple Sandbox Profile Process Restriction launchctl Network...
77202 Apple Mac OS X Multiple Sandbox Profile Process Restriction osascript Network...
76391 Apple Safari WebKit Private Browsing Mode Cookie Block Bypass
76390 Apple Safari SSL Certificate Handling Unitialized Memory Access Remote Code E...
76389 Apple Safari file:// URL Handling Remote Code Execution
76380 Apple Mac OS X QuickTime FLIC File Handling Overflow
76379 Apple Mac OS X QuickTime FlashPix File Handling Overflow
76378 Apple Mac OS X QuickTime Movie File Atom Hierarchy Handling Remote Code Execu...
76377 Apple Mac OS X QuickTime Movie File URL Data Handlers Handling Memory Disclosure
76376 Apple Mac OS X SMB File Server nobody Guest User Access Restriction Bypass
76375 Apple Mac OS X User Documentation App Store Help Content MitM Weakness Remote...
76373 Apple Mac OS X QuickTime Save for Web Export MitM Weakness XSS
76372 Apple Mac OS X Multiple QuickTime Movie File Handling Memory Corruption
76371 Apple Mac OS X Open Directory LDAPv3 rFC2307 Mapping Authentication Bypass
76370 Apple Mac OS X Open Directory Access Control Weakness Password Manipulation
76369 Apple Mac OS X Open Directory Access Control Weakness Local Password Disclosure
76368 Apple Mac OS X MediaKit Multiple Disk Image Handling Memory Corruption
76367 Apple Mac OS X libsecurity Nonstandard Certificate Revocation Website / Email...
76366 Apple Mac OS X Kernel Sticky Bit Directory Arbitrary File Deletion
76365 Apple Mac OS X Kernel Firewall DMA Protection Weakness Password Disclosure
76364 Apple Mac OS X IOGraphics Apple Cinema Displays Screen Lock Bypass
76363 Apple Mac OS X File Systems WebDAV Volume Handling HTTPS Server Certificate W...
76362 Apple Mac OS X CoreStorage FileVault Encryption Weakness
76361 Apple Mac OS X CoreProcesses System Window Partial Locked Screen Bypass

ExploitDB Exploits

id Description
35440 Mac OS X IOKit Keyboard Driver Root Privilege Escalation
35427 tnftp - clientside BSD exploit
32754 MacOS X 10.9 Hard Link Memory Corruption
31875 Python socket.recvfrom_into() - Remote Buffer Overflow
30395 PHP openssl_x509_parse() - Memory Corruption Vulnerability
29168 Apple Remote Desktop 3.7 - PoC
27944 Mac OS X Sudo Password Bypass
25974 Mac OSX Server DirectoryService Buffer Overflow
25256 Apple Mac OS X 10.3.x Multiple Vulnerabilities
20705 SAP Netweaver Dispatcher 7.0 EHP1/2 Multiple Vulnerabilities
18853 SAP Netweaver Dispatcher Multiple Vulnerabilities
17986 Apple Safari file:// Arbitrary Code Execution
17901 Mac OS X < 10.6.7 Kernel Panic Exploit
15491 Apple Directory Services Memory Corruption
15035 MOAUB #18 - Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability
14869 MOAUB #2 - Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulne...
14422 libpng <= 1.4.2 Denial of Service Vulnerability
12375 MacOS X 10.6 HFS File System Attack (Denial of Service)
4759 Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Exploit
4013 Mac OS X < 2007-005 (vpnd) Local Privilege Escalation Exploit
2464 Mac OS X <= 10.4.7 - Mach Exception Handling Local Exploit (10.3.x 0day)

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-10-16 Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability
File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl
2012-11-16 Name : VMSA-2012-0016: VMware security updates for vSphere API and ESX Service Console
File : nvt/gb_VMSA-2012-0016.nasl
2012-10-19 Name : Ubuntu Update for python2.5 USN-1613-1
File : nvt/gb_ubuntu_USN_1613_1.nasl
2012-10-19 Name : Ubuntu Update for python2.4 USN-1613-2
File : nvt/gb_ubuntu_USN_1613_2.nasl
2012-10-03 Name : Fedora Update for libxml2 FEDORA-2012-13824
File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl
2012-09-27 Name : Fedora Update for libxml2 FEDORA-2012-13820
File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-02 (tiff)
File : nvt/glsa_201209_02.nasl
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-06 (expat)
File : nvt/glsa_201209_06.nasl
2012-09-25 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-11 Name : Ubuntu Update for xmlrpc-c USN-1527-2
File : nvt/gb_ubuntu_USN_1527_2.nasl
2012-09-10 Name : Slackware Advisory SSA:2011-133-01 apr/apr-util
File : nvt/esoft_slk_ssa_2011_133_01.nasl
2012-08-30 Name : Fedora Update for thunderbird FEDORA-2012-1794
File : nvt/gb_fedora_2012_1794_thunderbird_fc17.nasl
2012-08-30 Name : Fedora Update for xulrunner FEDORA-2012-1800
File : nvt/gb_fedora_2012_1800_xulrunner_fc17.nasl
2012-08-30 Name : Fedora Update for libpng FEDORA-2012-1892
File : nvt/gb_fedora_2012_1892_libpng_fc17.nasl
2012-08-30 Name : Fedora Update for libpng10 FEDORA-2012-2003
File : nvt/gb_fedora_2012_2003_libpng10_fc17.nasl
2012-08-30 Name : Fedora Update for thunderbird FEDORA-2012-4910
File : nvt/gb_fedora_2012_4910_thunderbird_fc17.nasl
2012-08-30 Name : Fedora Update for groff FEDORA-2012-8577
File : nvt/gb_fedora_2012_8577_groff_fc17.nasl
2012-08-20 Name : Adobe Acrobat Multiple Vulnerabilities - Mac OS X
File : nvt/gb_adobe_acrobat_mult_vuln_aug12_macosx.nasl
2012-08-20 Name : Adobe Reader Multiple Vulnerabilities - Mac OS X
File : nvt/gb_adobe_prdts_mult_vuln_aug12_macosx.nasl
2012-08-14 Name : Ubuntu Update for expat USN-1527-1
File : nvt/gb_ubuntu_USN_1527_1.nasl
2012-08-10 Name : Debian Security Advisory DSA 2525-1 (expat)
File : nvt/deb_2525_1.nasl
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-15 (libpng)
File : nvt/glsa_201206_15.nasl
2012-08-10 Name : Gentoo Security Advisory GLSA 201207-10 (cups)
File : nvt/glsa_201207_10.nasl
2012-08-03 Name : Mandriva Update for mozilla MDVSA-2012:022 (mozilla)
File : nvt/gb_mandriva_MDVSA_2012_022_firefox.nasl
2012-08-03 Name : Mandriva Update for expat MDVSA-2012:041 (expat)
File : nvt/gb_mandriva_MDVSA_2012_041.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0222 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0061471
2015-B-0105 Multiple Vulnerabilities in Apple QuickTime
Severity: Category II - VMSKEY: V0061349
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2015-A-0174 Multiple Vulnerabilities in Apache HTTP Server
Severity: Category I - VMSKEY: V0061135
2015-A-0158 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0061089
2015-A-0154 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0061081
2015-B-0012 Multiple Vulnerabilities in VMware ESXi 5.0
Severity: Category I - VMSKEY: V0058517
2015-B-0013 Multiple Vulnerabilities in VMware ESXi 5.1
Severity: Category I - VMSKEY: V0058515
2015-B-0014 Multiple Vulnerabilities in VMware ESXi 5.5
Severity: Category I - VMSKEY: V0058513
2014-A-0114 Multiple Vulnerabilities in Apache HTTP Server
Severity: Category I - VMSKEY: V0053307
2014-A-0091 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0052905
2014-B-0048 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0050015
2014-A-0059 Apple Mac OS X Security Update 2014-002
Severity: Category I - VMSKEY: V0049741
2014-B-0024 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0046157
2014-A-0030 Apple Mac OS X Security Update 2014-001
Severity: Category I - VMSKEY: V0044547
2014-B-0018 Multiple Vulnerabilities in Apple Quick Time
Severity: Category II - VMSKEY: V0044545
2014-B-0022 Multiple Vulnerabilities in PostgreSQL
Severity: Category I - VMSKEY: V0044531
2014-B-0017 Apple iOS Security Bypass Vulnerability
Severity: Category I - VMSKEY: V0044529
2014-B-0011 Multiple Vulnerabilities in NVIDIA Graphics Driver
Severity: Category I - VMSKEY: V0043922
2013-A-0179 Apple Mac OS X Security Update 2013-004
Severity: Category I - VMSKEY: V0040373
2012-A-0189 Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity: Category I - VMSKEY: V0035032
2012-A-0153 Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity: Category I - VMSKEY: V0033884
2012-A-0073 Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity: Category I - VMSKEY: V0032171
2012-A-0020 Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity: Category I - VMSKEY: V0031252

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Office GIF image descriptor memory corruption attempt
RuleID : 8414 - Type : FILE-OFFICE - Revision : 16
2014-01-10 RCPT TO overflow
RuleID : 654-community - Type : SERVER-MAIL - Revision : 28
2014-01-10 RCPT TO overflow
RuleID : 654 - Type : SERVER-MAIL - Revision : 28
2014-01-10 Apple Safari x-unix-mode executable mail attachment
RuleID : 5714 - Type : BROWSER-WEBKIT - Revision : 13
2021-01-12 file URI redirect attempt
RuleID : 56580 - Type : POLICY-OTHER - Revision : 1
2020-11-19 Apple Safari Webkit attribute child removal code execution attempt
RuleID : 56042 - Type : BROWSER-WEBKIT - Revision : 1
2020-02-25 Apple Safari user assisted applescript code execution attempt
RuleID : 52622 - Type : BROWSER-WEBKIT - Revision : 1
2020-02-25 Apple Safari user assisted applescript code execution attempt
RuleID : 52621 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-14 Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt
RuleID : 52466 - Type : FILE-PDF - Revision : 1
2020-01-14 Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt
RuleID : 52465 - Type : FILE-PDF - Revision : 1
2020-01-14 Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt
RuleID : 52464 - Type : FILE-PDF - Revision : 1
2020-01-14 Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt
RuleID : 52463 - Type : FILE-PDF - Revision : 1
2020-01-07 yaSSL SSL Hello Message buffer overflow attempt
RuleID : 52366 - Type : SERVER-MYSQL - Revision : 1
2020-01-03 Apple Safari WebKit out-of-bounds read attempt
RuleID : 52342 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03 Apple Safari WebKit out-of-bounds read attempt
RuleID : 52341 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03 Apple Safari WebKit memory corruption attempt
RuleID : 52316 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03 Apple Safari WebKit memory corruption attempt
RuleID : 52315 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03 Apple Safari WebKit memory corruption attempt
RuleID : 52314 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03 Apple Safari WebKit memory corruption attempt
RuleID : 52313 - Type : BROWSER-WEBKIT - Revision : 1
2019-12-24 Mutiple products libpng extra row heap overflow attempt
RuleID : 52307 - Type : FILE-IMAGE - Revision : 1
2019-12-24 Mutiple products libpng extra row heap overflow attempt
RuleID : 52306 - Type : FILE-IMAGE - Revision : 1
2019-11-15 WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt
RuleID : 51832 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-15 WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt
RuleID : 51831 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-12 WebKit JavaScriptCore JSValue use after free attempt
RuleID : 51824 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-12 WebKit JavaScriptCore JSValue use after free attempt
RuleID : 51823 - Type : BROWSER-WEBKIT - Revision : 1

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-14 Name: The remote Debian host is missing a security update.
File: debian_DLA-1633.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10916.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-4e088b6d7c.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-9dbe983805.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-a7ac26523d.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-bdc5bfaedc.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-ca03363d57.nasl - Type: ACT_GATHER_INFO
2018-12-21 Name: The remote Apple TV device is affected by multiple vulnerabilities.
File: appletv_12_1_1.nasl - Type: ACT_GATHER_INFO
2018-12-21 Name: The remote host is missing a macOS update that fixes multiple security vulner...
File: macos_10_14_2.nasl - Type: ACT_GATHER_INFO
2018-12-21 Name: The remote host is missing a macOS or Mac OS X security update that fixes mul...
File: macosx_SecUpd2018-006.nasl - Type: ACT_GATHER_INFO
2018-12-21 Name: The remote host is missing a macOS security update that fixes multiple vulner...
File: macosx_SecUpd_10_13_6_2018-003.nasl - Type: ACT_GATHER_INFO
2018-12-01 Name: The remote Debian host is missing a security update.
File: debian_DLA-1601.nasl - Type: ACT_GATHER_INFO
2018-11-30 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4347.nasl - Type: ACT_GATHER_INFO
2018-11-27 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-2478.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote Debian host is missing a security update.
File: debian_DLA-1573.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote Debian host is missing a security update.
File: debian_DLA-1577.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote Apple TV device is affected by multiple vulnerabilities.
File: appletv_12_1.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL17403481.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_9_1.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_9_1_banner.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote host is missing a macOS update that fixes multiple security vulner...
File: macos_10_14_1.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote host is missing a macOS or Mac OS X security update that fixes mul...
File: macosx_SecUpd2018-005.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote host is missing a macOS security update that fixes multiple vulner...
File: macosx_SecUpd_10_13_6_2018-002.nasl - Type: ACT_GATHER_INFO
2018-10-18 Name: The remote host is missing a macOS update that fixes multiple security vulner...
File: macos_10_14.nasl - Type: ACT_GATHER_INFO
2018-10-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_8_banner.nasl - Type: ACT_GATHER_INFO