Summary
| Detail | |||
|---|---|---|---|
| Vendor | Apple | First view | 1997-08-01 |
| Product | Mac Os X | Last view | 2020-10-16 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2020-10-16 | CVE-2020-9968 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.0 and iPadOS 14.0, macOS Catalina 10.15.7, tvOS 14.0, watchOS 7.0. A malicious application may be able to access restricted files. |
| 5.5 | 2020-10-16 | CVE-2020-9934 | An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information. |
| 9.8 | 2020-10-16 | CVE-2020-9918 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. |
| 5.5 | 2020-10-16 | CVE-2020-9913 | This issue was addressed with improved data protection. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to leak sensitive user information. |
| 7.8 | 2020-10-16 | CVE-2020-9891 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution. |
| 7.8 | 2020-10-16 | CVE-2020-9890 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution. |
| 7.8 | 2020-10-16 | CVE-2020-9889 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution. |
| 7.8 | 2020-10-16 | CVE-2020-9888 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution. |
| 5.5 | 2020-10-16 | CVE-2020-9885 | An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group could rejoin the group. |
| 7.8 | 2020-10-16 | CVE-2020-9884 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution. |
| 7.8 | 2020-10-16 | CVE-2020-9878 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. |
| 8.8 | 2020-10-16 | CVE-2020-9870 | A logic issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. An attacker with memory write capability may be able to bypass pointer authentication codes and run arbitrary code. |
| 8.6 | 2020-10-16 | CVE-2020-9865 | A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to break out of its sandbox. |
| 7.8 | 2020-10-16 | CVE-2020-9799 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges. |
| 5.3 | 2020-06-09 | CVE-2020-9856 | This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. An application may be able to gain elevated privileges. |
| 7.8 | 2020-06-09 | CVE-2020-9855 | A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.5. A local attacker may be able to elevate their privileges. |
| 7.8 | 2020-06-09 | CVE-2020-9852 | An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges. |
| 5.5 | 2020-06-09 | CVE-2020-9851 | An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to modify protected parts of the file system. |
| 8.6 | 2020-06-09 | CVE-2020-9847 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to break out of its sandbox. |
| 7.5 | 2020-06-09 | CVE-2020-9844 | A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. |
| 5.5 | 2020-06-09 | CVE-2020-9842 | An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform privileged actions. |
| 7.8 | 2020-06-09 | CVE-2020-9841 | An integer overflow was addressed through improved input validation. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges. |
| 7 | 2020-06-09 | CVE-2020-9839 | A race condition was addressed with improved state handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to gain elevated privileges. |
| 7.5 | 2020-06-09 | CVE-2020-9837 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5. A remote attacker may be able to leak memory. |
| 7.8 | 2020-06-09 | CVE-2020-9834 | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 36% (748) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 10% (215) | CWE-20 | Improper Input Validation |
| 9% (203) | CWE-200 | Information Exposure |
| 7% (151) | CWE-264 | Permissions, Privileges, and Access Controls |
| 4% (98) | CWE-125 | Out-of-bounds Read |
| 3% (68) | CWE-189 | Numeric Errors |
| 2% (58) | CWE-787 | Out-of-bounds Write |
| 2% (52) | CWE-399 | Resource Management Errors |
| 2% (43) | CWE-362 | Race Condition |
| 1% (38) | CWE-416 | Use After Free |
| 1% (35) | CWE-310 | Cryptographic Issues |
| 1% (34) | CWE-284 | Access Control (Authorization) Issues |
| 1% (28) | CWE-287 | Improper Authentication |
| 1% (27) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 1% (22) | CWE-476 | NULL Pointer Dereference |
| 1% (21) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 0% (19) | CWE-254 | Security Features |
| 0% (16) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 0% (14) | CWE-134 | Uncontrolled Format String |
| 0% (12) | CWE-19 | Data Handling |
| 0% (12) | CWE-16 | Configuration |
| 0% (11) | CWE-255 | Credentials Management |
| 0% (11) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 0% (11) | CWE-17 | Code |
| 0% (10) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-6 | Argument Injection |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-15 | Command Delimiters |
| CAPEC-17 | Accessing, Modifying or Executing Executable Files |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-19 | Embedding Scripts within Scripts |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-26 | Leveraging Race Conditions |
| CAPEC-28 | Fuzzing |
| CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-37 | Lifting Data Embedded in Client Distributions |
| CAPEC-38 | Leveraging/Manipulating Configuration File Search Paths |
| CAPEC-41 | Using Meta-characters in E-mail Headers to Inject Malicious Payloads |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:2248 | Sun RPC No Timeout Denial of Service on TCP Ports |
| oval:org.mitre.oval:def:567 | BO in Samba call_trans2open Function |
| oval:org.mitre.oval:def:2163 | Samba call_trans2open() Buffer Overflow |
| oval:org.mitre.oval:def:1970 | Off-by-one Error in fb_realpath() |
| oval:org.mitre.oval:def:595 | Potential BO in Ruleset Parsing for Sendmail |
| oval:org.mitre.oval:def:3606 | Sendmail Ruleset Parsing Buffer Overflow |
| oval:org.mitre.oval:def:603 | Sendmail BO in prescan Function |
| oval:org.mitre.oval:def:572 | Sendmail BO in Prescan Function |
| oval:org.mitre.oval:def:2975 | Sendmail prescan function Buffer Overflow |
| oval:org.mitre.oval:def:9779 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to... |
| oval:org.mitre.oval:def:975 | Red Hat OpenSSL do_change_cipher_spec Function Denial of Service |
| oval:org.mitre.oval:def:870 | Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service |
| oval:org.mitre.oval:def:5770 | Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability |
| oval:org.mitre.oval:def:2621 | OpenSSL Denial of Service Vulnerabilities |
| oval:org.mitre.oval:def:902 | Red Hat OpenSSL Improper Unknown Message Handling Vulnerability |
| oval:org.mitre.oval:def:871 | Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability |
| oval:org.mitre.oval:def:11755 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w... |
| oval:org.mitre.oval:def:9580 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin... |
| oval:org.mitre.oval:def:928 | Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability |
| oval:org.mitre.oval:def:1049 | Red Hat OpenSSL Kerberos Handshake Vulnerability |
| oval:org.mitre.oval:def:8896 | Multiple vulnerabilities in the RLE (run length encoding) decoders for libtif... |
| oval:org.mitre.oval:def:100114 | libtiff RLE Decoder Buffer Overflow Vulnerabilities |
| oval:org.mitre.oval:def:10703 | OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and po... |
| oval:org.mitre.oval:def:9907 | Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attacker... |
| oval:org.mitre.oval:def:100116 | libtiff Malloc Error Denial of Service |
SAINT Exploits
| Description | Link |
|---|---|
| Safari Script Editor AppleScript execution | More info here |
| Samba call_trans2open buffer overflow | More info here |
| OS X rootpipe privilege elevation | More info here |
| Mac OS X rsh Environment Variables Privilege Elevation | More info here |
| MySQL yaSSL SSL Hello message buffer overflow | More info here |
| Safari archive metadata command execution | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78148 | Google Chrome libxml2 parser.c xmlStringLenDecodeEntities() Function Remote O... |
| 77203 | Apple Mac OS X Multiple Sandbox Profile Process Restriction launchctl Network... |
| 77202 | Apple Mac OS X Multiple Sandbox Profile Process Restriction osascript Network... |
| 76391 | Apple Safari WebKit Private Browsing Mode Cookie Block Bypass |
| 76390 | Apple Safari SSL Certificate Handling Unitialized Memory Access Remote Code E... |
| 76389 | Apple Safari file:// URL Handling Remote Code Execution |
| 76380 | Apple Mac OS X QuickTime FLIC File Handling Overflow |
| 76379 | Apple Mac OS X QuickTime FlashPix File Handling Overflow |
| 76378 | Apple Mac OS X QuickTime Movie File Atom Hierarchy Handling Remote Code Execu... |
| 76377 | Apple Mac OS X QuickTime Movie File URL Data Handlers Handling Memory Disclosure |
| 76376 | Apple Mac OS X SMB File Server nobody Guest User Access Restriction Bypass |
| 76375 | Apple Mac OS X User Documentation App Store Help Content MitM Weakness Remote... |
| 76373 | Apple Mac OS X QuickTime Save for Web Export MitM Weakness XSS |
| 76372 | Apple Mac OS X Multiple QuickTime Movie File Handling Memory Corruption |
| 76371 | Apple Mac OS X Open Directory LDAPv3 rFC2307 Mapping Authentication Bypass |
| 76370 | Apple Mac OS X Open Directory Access Control Weakness Password Manipulation |
| 76369 | Apple Mac OS X Open Directory Access Control Weakness Local Password Disclosure |
| 76368 | Apple Mac OS X MediaKit Multiple Disk Image Handling Memory Corruption |
| 76367 | Apple Mac OS X libsecurity Nonstandard Certificate Revocation Website / Email... |
| 76366 | Apple Mac OS X Kernel Sticky Bit Directory Arbitrary File Deletion |
| 76365 | Apple Mac OS X Kernel Firewall DMA Protection Weakness Password Disclosure |
| 76364 | Apple Mac OS X IOGraphics Apple Cinema Displays Screen Lock Bypass |
| 76363 | Apple Mac OS X File Systems WebDAV Volume Handling HTTPS Server Certificate W... |
| 76362 | Apple Mac OS X CoreStorage FileVault Encryption Weakness |
| 76361 | Apple Mac OS X CoreProcesses System Window Partial Locked Screen Bypass |
ExploitDB Exploits
| id | Description |
|---|---|
| 35440 | Mac OS X IOKit Keyboard Driver Root Privilege Escalation |
| 35427 | tnftp - clientside BSD exploit |
| 32754 | MacOS X 10.9 Hard Link Memory Corruption |
| 31875 | Python socket.recvfrom_into() - Remote Buffer Overflow |
| 30395 | PHP openssl_x509_parse() - Memory Corruption Vulnerability |
| 29168 | Apple Remote Desktop 3.7 - PoC |
| 27944 | Mac OS X Sudo Password Bypass |
| 25974 | Mac OSX Server DirectoryService Buffer Overflow |
| 25256 | Apple Mac OS X 10.3.x Multiple Vulnerabilities |
| 20705 | SAP Netweaver Dispatcher 7.0 EHP1/2 Multiple Vulnerabilities |
| 18853 | SAP Netweaver Dispatcher Multiple Vulnerabilities |
| 17986 | Apple Safari file:// Arbitrary Code Execution |
| 17901 | Mac OS X < 10.6.7 Kernel Panic Exploit |
| 15491 | Apple Directory Services Memory Corruption |
| 15035 | MOAUB #18 - Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability |
| 14869 | MOAUB #2 - Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulne... |
| 14422 | libpng <= 1.4.2 Denial of Service Vulnerability |
| 12375 | MacOS X 10.6 HFS File System Attack (Denial of Service) |
| 4759 | Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Exploit |
| 4013 | Mac OS X < 2007-005 (vpnd) Local Privilege Escalation Exploit |
| 2464 | Mac OS X <= 10.4.7 - Mach Exception Handling Local Exploit (10.3.x 0day) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2014-10-16 | Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl |
| 2012-11-16 | Name : VMSA-2012-0016: VMware security updates for vSphere API and ESX Service Console File : nvt/gb_VMSA-2012-0016.nasl |
| 2012-10-19 | Name : Ubuntu Update for python2.5 USN-1613-1 File : nvt/gb_ubuntu_USN_1613_1.nasl |
| 2012-10-19 | Name : Ubuntu Update for python2.4 USN-1613-2 File : nvt/gb_ubuntu_USN_1613_2.nasl |
| 2012-10-03 | Name : Fedora Update for libxml2 FEDORA-2012-13824 File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl |
| 2012-09-27 | Name : Fedora Update for libxml2 FEDORA-2012-13820 File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl |
| 2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-02 (tiff) File : nvt/glsa_201209_02.nasl |
| 2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-06 (expat) File : nvt/glsa_201209_06.nasl |
| 2012-09-25 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004) File : nvt/gb_macosx_su12-004.nasl |
| 2012-09-11 | Name : Ubuntu Update for xmlrpc-c USN-1527-2 File : nvt/gb_ubuntu_USN_1527_2.nasl |
| 2012-09-10 | Name : Slackware Advisory SSA:2011-133-01 apr/apr-util File : nvt/esoft_slk_ssa_2011_133_01.nasl |
| 2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-1794 File : nvt/gb_fedora_2012_1794_thunderbird_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for xulrunner FEDORA-2012-1800 File : nvt/gb_fedora_2012_1800_xulrunner_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libpng FEDORA-2012-1892 File : nvt/gb_fedora_2012_1892_libpng_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libpng10 FEDORA-2012-2003 File : nvt/gb_fedora_2012_2003_libpng10_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-4910 File : nvt/gb_fedora_2012_4910_thunderbird_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for groff FEDORA-2012-8577 File : nvt/gb_fedora_2012_8577_groff_fc17.nasl |
| 2012-08-20 | Name : Adobe Acrobat Multiple Vulnerabilities - Mac OS X File : nvt/gb_adobe_acrobat_mult_vuln_aug12_macosx.nasl |
| 2012-08-20 | Name : Adobe Reader Multiple Vulnerabilities - Mac OS X File : nvt/gb_adobe_prdts_mult_vuln_aug12_macosx.nasl |
| 2012-08-14 | Name : Ubuntu Update for expat USN-1527-1 File : nvt/gb_ubuntu_USN_1527_1.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2525-1 (expat) File : nvt/deb_2525_1.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-15 (libpng) File : nvt/glsa_201206_15.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201207-10 (cups) File : nvt/glsa_201207_10.nasl |
| 2012-08-03 | Name : Mandriva Update for mozilla MDVSA-2012:022 (mozilla) File : nvt/gb_mandriva_MDVSA_2012_022_firefox.nasl |
| 2012-08-03 | Name : Mandriva Update for expat MDVSA-2012:041 (expat) File : nvt/gb_mandriva_MDVSA_2012_041.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0222 | Multiple Security Vulnerabilities in Apple iOS Severity: Category I - VMSKEY: V0061471 |
| 2015-B-0105 | Multiple Vulnerabilities in Apple QuickTime Severity: Category II - VMSKEY: V0061349 |
| 2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
| 2015-A-0174 | Multiple Vulnerabilities in Apache HTTP Server Severity: Category I - VMSKEY: V0061135 |
| 2015-A-0158 | Multiple Vulnerabilities in Oracle Java SE Severity: Category I - VMSKEY: V0061089 |
| 2015-A-0154 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0061081 |
| 2015-B-0012 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0058517 |
| 2015-B-0013 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0058515 |
| 2015-B-0014 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity: Category I - VMSKEY: V0058513 |
| 2014-A-0114 | Multiple Vulnerabilities in Apache HTTP Server Severity: Category I - VMSKEY: V0053307 |
| 2014-A-0091 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0052905 |
| 2014-B-0048 | Multiple Security Vulnerabilities in Apple iOS Severity: Category I - VMSKEY: V0050015 |
| 2014-A-0059 | Apple Mac OS X Security Update 2014-002 Severity: Category I - VMSKEY: V0049741 |
| 2014-B-0024 | Multiple Security Vulnerabilities in Apple iOS Severity: Category I - VMSKEY: V0046157 |
| 2014-A-0030 | Apple Mac OS X Security Update 2014-001 Severity: Category I - VMSKEY: V0044547 |
| 2014-B-0018 | Multiple Vulnerabilities in Apple Quick Time Severity: Category II - VMSKEY: V0044545 |
| 2014-B-0022 | Multiple Vulnerabilities in PostgreSQL Severity: Category I - VMSKEY: V0044531 |
| 2014-B-0017 | Apple iOS Security Bypass Vulnerability Severity: Category I - VMSKEY: V0044529 |
| 2014-B-0011 | Multiple Vulnerabilities in NVIDIA Graphics Driver Severity: Category I - VMSKEY: V0043922 |
| 2013-A-0179 | Apple Mac OS X Security Update 2013-004 Severity: Category I - VMSKEY: V0040373 |
| 2012-A-0189 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0035032 |
| 2012-A-0153 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0033884 |
| 2012-A-0073 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0032171 |
| 2012-A-0020 | Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity: Category I - VMSKEY: V0031252 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Office GIF image descriptor memory corruption attempt RuleID : 8414 - Type : FILE-OFFICE - Revision : 16 |
| 2014-01-10 | RCPT TO overflow RuleID : 654-community - Type : SERVER-MAIL - Revision : 28 |
| 2014-01-10 | RCPT TO overflow RuleID : 654 - Type : SERVER-MAIL - Revision : 28 |
| 2014-01-10 | Apple Safari x-unix-mode executable mail attachment RuleID : 5714 - Type : BROWSER-WEBKIT - Revision : 13 |
| 2020-02-25 | Apple Safari user assisted applescript code execution attempt RuleID : 52622 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-02-25 | Apple Safari user assisted applescript code execution attempt RuleID : 52621 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52466 - Type : FILE-PDF - Revision : 1 |
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52465 - Type : FILE-PDF - Revision : 1 |
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52464 - Type : FILE-PDF - Revision : 1 |
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52463 - Type : FILE-PDF - Revision : 1 |
| 2020-01-07 | yaSSL SSL Hello Message buffer overflow attempt RuleID : 52366 - Type : SERVER-MYSQL - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit out-of-bounds read attempt RuleID : 52342 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit out-of-bounds read attempt RuleID : 52341 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit memory corruption attempt RuleID : 52316 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit memory corruption attempt RuleID : 52315 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit memory corruption attempt RuleID : 52314 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit memory corruption attempt RuleID : 52313 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-12-24 | Mutiple products libpng extra row heap overflow attempt RuleID : 52307 - Type : FILE-IMAGE - Revision : 1 |
| 2019-12-24 | Mutiple products libpng extra row heap overflow attempt RuleID : 52306 - Type : FILE-IMAGE - Revision : 1 |
| 2019-11-15 | WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt RuleID : 51832 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-11-15 | WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt RuleID : 51831 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-11-12 | WebKit JavaScriptCore JSValue use after free attempt RuleID : 51824 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-11-12 | WebKit JavaScriptCore JSValue use after free attempt RuleID : 51823 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-11-12 | WebKit JavaScriptCore AIR optimization memory corruption attempt RuleID : 51822 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-11-12 | WebKit JavaScriptCore AIR optimization memory corruption attempt RuleID : 51821 - Type : BROWSER-WEBKIT - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2019-01-14 | Name: The remote Debian host is missing a security update. File: debian_DLA-1633.nasl - Type: ACT_GATHER_INFO |
| 2019-01-11 | Name: The remote device is missing a vendor-supplied security patch. File: juniper_jsa10916.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-4e088b6d7c.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-9dbe983805.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-a7ac26523d.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-bdc5bfaedc.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-ca03363d57.nasl - Type: ACT_GATHER_INFO |
| 2018-12-21 | Name: The remote Apple TV device is affected by multiple vulnerabilities. File: appletv_12_1_1.nasl - Type: ACT_GATHER_INFO |
| 2018-12-21 | Name: The remote host is missing a macOS update that fixes multiple security vulner... File: macos_10_14_2.nasl - Type: ACT_GATHER_INFO |
| 2018-12-21 | Name: The remote host is missing a macOS or Mac OS X security update that fixes mul... File: macosx_SecUpd2018-006.nasl - Type: ACT_GATHER_INFO |
| 2018-12-21 | Name: The remote host is missing a macOS security update that fixes multiple vulner... File: macosx_SecUpd_10_13_6_2018-003.nasl - Type: ACT_GATHER_INFO |
| 2018-12-01 | Name: The remote Debian host is missing a security update. File: debian_DLA-1601.nasl - Type: ACT_GATHER_INFO |
| 2018-11-30 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4347.nasl - Type: ACT_GATHER_INFO |
| 2018-11-27 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2017-2478.nasl - Type: ACT_GATHER_INFO |
| 2018-11-13 | Name: The remote Debian host is missing a security update. File: debian_DLA-1573.nasl - Type: ACT_GATHER_INFO |
| 2018-11-13 | Name: The remote Debian host is missing a security update. File: debian_DLA-1577.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote Apple TV device is affected by multiple vulnerabilities. File: appletv_12_1.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL17403481.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: itunes_12_9_1.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: itunes_12_9_1_banner.nasl - Type: ACT_GATHER_INFO |
| 2018-10-31 | Name: The remote host is missing a macOS update that fixes multiple security vulner... File: macos_10_14_1.nasl - Type: ACT_GATHER_INFO |
| 2018-10-31 | Name: The remote host is missing a macOS or Mac OS X security update that fixes mul... File: macosx_SecUpd2018-005.nasl - Type: ACT_GATHER_INFO |
| 2018-10-31 | Name: The remote host is missing a macOS security update that fixes multiple vulner... File: macosx_SecUpd_10_13_6_2018-002.nasl - Type: ACT_GATHER_INFO |
| 2018-10-18 | Name: The remote host is missing a macOS update that fixes multiple security vulner... File: macos_10_14.nasl - Type: ACT_GATHER_INFO |
| 2018-10-02 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: itunes_12_8_banner.nasl - Type: ACT_GATHER_INFO |
