Summary
| Detail | |||
|---|---|---|---|
| Vendor | Apple | First view | 1997-08-01 |
| Product | Mac Os X | Last view | 2021-10-19 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2021-10-19 | CVE-2021-30850 | An access issue was addressed with improved access restrictions. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6, tvOS 15. A user may gain access to protected parts of the file system. |
| 7.8 | 2021-10-19 | CVE-2021-30847 | This issue was addressed with improved checks. This issue is fixed in watchOS 8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution. |
| 7.5 | 2021-10-19 | CVE-2021-30844 | A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A remote attacker may be able to leak memory. |
| 7.8 | 2021-10-19 | CVE-2021-30843 | This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution. |
| 7.8 | 2021-10-19 | CVE-2021-30842 | This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution. |
| 7.8 | 2021-10-19 | CVE-2021-30841 | This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution. |
| 7.8 | 2021-10-19 | CVE-2021-30835 | This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution. |
| 7.8 | 2021-10-19 | CVE-2021-30832 | A memory corruption issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges. |
| 7.8 | 2021-10-19 | CVE-2021-30830 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges. |
| 7.8 | 2021-10-19 | CVE-2021-30829 | A URI parsing issue was addressed with improved parsing. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to execute arbitrary files. |
| 5.5 | 2021-10-19 | CVE-2021-30828 | This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to read arbitrary files as root. |
| 7.8 | 2021-10-19 | CVE-2021-30827 | A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges. |
| 7.5 | 2021-10-19 | CVE-2020-29622 | A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-005 Catalina. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. |
| 9.8 | 2021-09-08 | CVE-2021-30805 | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges. |
| 8.8 | 2021-09-08 | CVE-2021-30799 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. |
| 6.5 | 2021-09-08 | CVE-2021-30796 | A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing a maliciously crafted image may lead to a denial of service. |
| 9.8 | 2021-09-08 | CVE-2021-30793 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges. |
| 7.8 | 2021-09-08 | CVE-2021-30790 | An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. |
| 7.8 | 2021-09-08 | CVE-2021-30789 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution. |
| 7.1 | 2021-09-08 | CVE-2021-30788 | This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents. |
| 7.8 | 2021-09-08 | CVE-2021-30787 | This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to cause unexpected system termination or write kernel memory. |
| 7.8 | 2021-09-08 | CVE-2021-30785 | A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted image may lead to arbitrary code execution. |
| 6.5 | 2021-09-08 | CVE-2021-30783 | An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A sandboxed process may be able to circumvent sandbox restrictions. |
| 5.5 | 2021-09-08 | CVE-2021-30782 | This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to access restricted files. |
| 7.8 | 2021-09-08 | CVE-2021-30781 | This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A local attacker may be able to cause unexpected application termination or arbitrary code execution. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 30% (711) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 10% (246) | CWE-20 | Improper Input Validation |
| 8% (205) | CWE-787 | Out-of-bounds Write |
| 8% (192) | CWE-200 | Information Exposure |
| 6% (158) | CWE-125 | Out-of-bounds Read |
| 6% (151) | CWE-264 | Permissions, Privileges, and Access Controls |
| 2% (68) | CWE-189 | Numeric Errors |
| 2% (52) | CWE-399 | Resource Management Errors |
| 2% (50) | CWE-362 | Race Condition |
| 2% (49) | CWE-416 | Use After Free |
| 1% (35) | CWE-310 | Cryptographic Issues |
| 1% (34) | CWE-284 | Access Control (Authorization) Issues |
| 1% (31) | CWE-287 | Improper Authentication |
| 1% (30) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 1% (27) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 0% (22) | CWE-476 | NULL Pointer Dereference |
| 0% (22) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 0% (19) | CWE-254 | Security Features |
| 0% (19) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 0% (17) | CWE-190 | Integer Overflow or Wraparound |
| 0% (15) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 0% (14) | CWE-665 | Improper Initialization |
| 0% (14) | CWE-269 | Improper Privilege Management |
| 0% (14) | CWE-134 | Uncontrolled Format String |
| 0% (12) | CWE-19 | Data Handling |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-6 | Argument Injection |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-15 | Command Delimiters |
| CAPEC-17 | Accessing, Modifying or Executing Executable Files |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-19 | Embedding Scripts within Scripts |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-26 | Leveraging Race Conditions |
| CAPEC-28 | Fuzzing |
| CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-37 | Lifting Data Embedded in Client Distributions |
| CAPEC-38 | Leveraging/Manipulating Configuration File Search Paths |
| CAPEC-41 | Using Meta-characters in E-mail Headers to Inject Malicious Payloads |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:2248 | Sun RPC No Timeout Denial of Service on TCP Ports |
| oval:org.mitre.oval:def:567 | BO in Samba call_trans2open Function |
| oval:org.mitre.oval:def:2163 | Samba call_trans2open() Buffer Overflow |
| oval:org.mitre.oval:def:1970 | Off-by-one Error in fb_realpath() |
| oval:org.mitre.oval:def:595 | Potential BO in Ruleset Parsing for Sendmail |
| oval:org.mitre.oval:def:3606 | Sendmail Ruleset Parsing Buffer Overflow |
| oval:org.mitre.oval:def:603 | Sendmail BO in prescan Function |
| oval:org.mitre.oval:def:572 | Sendmail BO in Prescan Function |
| oval:org.mitre.oval:def:2975 | Sendmail prescan function Buffer Overflow |
| oval:org.mitre.oval:def:9779 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to... |
| oval:org.mitre.oval:def:975 | Red Hat OpenSSL do_change_cipher_spec Function Denial of Service |
| oval:org.mitre.oval:def:870 | Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service |
| oval:org.mitre.oval:def:5770 | Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability |
| oval:org.mitre.oval:def:2621 | OpenSSL Denial of Service Vulnerabilities |
| oval:org.mitre.oval:def:902 | Red Hat OpenSSL Improper Unknown Message Handling Vulnerability |
| oval:org.mitre.oval:def:871 | Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability |
| oval:org.mitre.oval:def:11755 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w... |
| oval:org.mitre.oval:def:9580 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin... |
| oval:org.mitre.oval:def:928 | Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability |
| oval:org.mitre.oval:def:1049 | Red Hat OpenSSL Kerberos Handshake Vulnerability |
| oval:org.mitre.oval:def:8896 | Multiple vulnerabilities in the RLE (run length encoding) decoders for libtif... |
| oval:org.mitre.oval:def:100114 | libtiff RLE Decoder Buffer Overflow Vulnerabilities |
| oval:org.mitre.oval:def:10703 | OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and po... |
| oval:org.mitre.oval:def:9907 | Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attacker... |
| oval:org.mitre.oval:def:100116 | libtiff Malloc Error Denial of Service |
SAINT Exploits
| Description | Link |
|---|---|
| Safari Script Editor AppleScript execution | More info here |
| Samba call_trans2open buffer overflow | More info here |
| OS X rootpipe privilege elevation | More info here |
| Mac OS X rsh Environment Variables Privilege Elevation | More info here |
| MySQL yaSSL SSL Hello message buffer overflow | More info here |
| Safari archive metadata command execution | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78148 | Google Chrome libxml2 parser.c xmlStringLenDecodeEntities() Function Remote O... |
| 77203 | Apple Mac OS X Multiple Sandbox Profile Process Restriction launchctl Network... |
| 77202 | Apple Mac OS X Multiple Sandbox Profile Process Restriction osascript Network... |
| 76391 | Apple Safari WebKit Private Browsing Mode Cookie Block Bypass |
| 76390 | Apple Safari SSL Certificate Handling Unitialized Memory Access Remote Code E... |
| 76389 | Apple Safari file:// URL Handling Remote Code Execution |
| 76380 | Apple Mac OS X QuickTime FLIC File Handling Overflow |
| 76379 | Apple Mac OS X QuickTime FlashPix File Handling Overflow |
| 76378 | Apple Mac OS X QuickTime Movie File Atom Hierarchy Handling Remote Code Execu... |
| 76377 | Apple Mac OS X QuickTime Movie File URL Data Handlers Handling Memory Disclosure |
| 76376 | Apple Mac OS X SMB File Server nobody Guest User Access Restriction Bypass |
| 76375 | Apple Mac OS X User Documentation App Store Help Content MitM Weakness Remote... |
| 76373 | Apple Mac OS X QuickTime Save for Web Export MitM Weakness XSS |
| 76372 | Apple Mac OS X Multiple QuickTime Movie File Handling Memory Corruption |
| 76371 | Apple Mac OS X Open Directory LDAPv3 rFC2307 Mapping Authentication Bypass |
| 76370 | Apple Mac OS X Open Directory Access Control Weakness Password Manipulation |
| 76369 | Apple Mac OS X Open Directory Access Control Weakness Local Password Disclosure |
| 76368 | Apple Mac OS X MediaKit Multiple Disk Image Handling Memory Corruption |
| 76367 | Apple Mac OS X libsecurity Nonstandard Certificate Revocation Website / Email... |
| 76366 | Apple Mac OS X Kernel Sticky Bit Directory Arbitrary File Deletion |
| 76365 | Apple Mac OS X Kernel Firewall DMA Protection Weakness Password Disclosure |
| 76364 | Apple Mac OS X IOGraphics Apple Cinema Displays Screen Lock Bypass |
| 76363 | Apple Mac OS X File Systems WebDAV Volume Handling HTTPS Server Certificate W... |
| 76362 | Apple Mac OS X CoreStorage FileVault Encryption Weakness |
| 76361 | Apple Mac OS X CoreProcesses System Window Partial Locked Screen Bypass |
ExploitDB Exploits
| id | Description |
|---|---|
| 35440 | Mac OS X IOKit Keyboard Driver Root Privilege Escalation |
| 35427 | tnftp - clientside BSD exploit |
| 32754 | MacOS X 10.9 Hard Link Memory Corruption |
| 31875 | Python socket.recvfrom_into() - Remote Buffer Overflow |
| 30395 | PHP openssl_x509_parse() - Memory Corruption Vulnerability |
| 29168 | Apple Remote Desktop 3.7 - PoC |
| 27944 | Mac OS X Sudo Password Bypass |
| 25974 | Mac OSX Server DirectoryService Buffer Overflow |
| 25256 | Apple Mac OS X 10.3.x Multiple Vulnerabilities |
| 20705 | SAP Netweaver Dispatcher 7.0 EHP1/2 Multiple Vulnerabilities |
| 18853 | SAP Netweaver Dispatcher Multiple Vulnerabilities |
| 17986 | Apple Safari file:// Arbitrary Code Execution |
| 17901 | Mac OS X < 10.6.7 Kernel Panic Exploit |
| 15491 | Apple Directory Services Memory Corruption |
| 15035 | MOAUB #18 - Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability |
| 14869 | MOAUB #2 - Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulne... |
| 14422 | libpng <= 1.4.2 Denial of Service Vulnerability |
| 12375 | MacOS X 10.6 HFS File System Attack (Denial of Service) |
| 4759 | Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Exploit |
| 4013 | Mac OS X < 2007-005 (vpnd) Local Privilege Escalation Exploit |
| 2464 | Mac OS X <= 10.4.7 - Mach Exception Handling Local Exploit (10.3.x 0day) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2014-10-16 | Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl |
| 2012-11-16 | Name : VMSA-2012-0016: VMware security updates for vSphere API and ESX Service Console File : nvt/gb_VMSA-2012-0016.nasl |
| 2012-10-19 | Name : Ubuntu Update for python2.5 USN-1613-1 File : nvt/gb_ubuntu_USN_1613_1.nasl |
| 2012-10-19 | Name : Ubuntu Update for python2.4 USN-1613-2 File : nvt/gb_ubuntu_USN_1613_2.nasl |
| 2012-10-03 | Name : Fedora Update for libxml2 FEDORA-2012-13824 File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl |
| 2012-09-27 | Name : Fedora Update for libxml2 FEDORA-2012-13820 File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl |
| 2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-02 (tiff) File : nvt/glsa_201209_02.nasl |
| 2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-06 (expat) File : nvt/glsa_201209_06.nasl |
| 2012-09-25 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004) File : nvt/gb_macosx_su12-004.nasl |
| 2012-09-11 | Name : Ubuntu Update for xmlrpc-c USN-1527-2 File : nvt/gb_ubuntu_USN_1527_2.nasl |
| 2012-09-10 | Name : Slackware Advisory SSA:2011-133-01 apr/apr-util File : nvt/esoft_slk_ssa_2011_133_01.nasl |
| 2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-1794 File : nvt/gb_fedora_2012_1794_thunderbird_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for xulrunner FEDORA-2012-1800 File : nvt/gb_fedora_2012_1800_xulrunner_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libpng FEDORA-2012-1892 File : nvt/gb_fedora_2012_1892_libpng_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libpng10 FEDORA-2012-2003 File : nvt/gb_fedora_2012_2003_libpng10_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-4910 File : nvt/gb_fedora_2012_4910_thunderbird_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for groff FEDORA-2012-8577 File : nvt/gb_fedora_2012_8577_groff_fc17.nasl |
| 2012-08-20 | Name : Adobe Acrobat Multiple Vulnerabilities - Mac OS X File : nvt/gb_adobe_acrobat_mult_vuln_aug12_macosx.nasl |
| 2012-08-20 | Name : Adobe Reader Multiple Vulnerabilities - Mac OS X File : nvt/gb_adobe_prdts_mult_vuln_aug12_macosx.nasl |
| 2012-08-14 | Name : Ubuntu Update for expat USN-1527-1 File : nvt/gb_ubuntu_USN_1527_1.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2525-1 (expat) File : nvt/deb_2525_1.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-15 (libpng) File : nvt/glsa_201206_15.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201207-10 (cups) File : nvt/glsa_201207_10.nasl |
| 2012-08-03 | Name : Mandriva Update for mozilla MDVSA-2012:022 (mozilla) File : nvt/gb_mandriva_MDVSA_2012_022_firefox.nasl |
| 2012-08-03 | Name : Mandriva Update for expat MDVSA-2012:041 (expat) File : nvt/gb_mandriva_MDVSA_2012_041.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0222 | Multiple Security Vulnerabilities in Apple iOS Severity: Category I - VMSKEY: V0061471 |
| 2015-B-0105 | Multiple Vulnerabilities in Apple QuickTime Severity: Category II - VMSKEY: V0061349 |
| 2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
| 2015-A-0174 | Multiple Vulnerabilities in Apache HTTP Server Severity: Category I - VMSKEY: V0061135 |
| 2015-A-0158 | Multiple Vulnerabilities in Oracle Java SE Severity: Category I - VMSKEY: V0061089 |
| 2015-A-0154 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0061081 |
| 2015-B-0012 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0058517 |
| 2015-B-0013 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0058515 |
| 2015-B-0014 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity: Category I - VMSKEY: V0058513 |
| 2014-A-0114 | Multiple Vulnerabilities in Apache HTTP Server Severity: Category I - VMSKEY: V0053307 |
| 2014-A-0091 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0052905 |
| 2014-B-0048 | Multiple Security Vulnerabilities in Apple iOS Severity: Category I - VMSKEY: V0050015 |
| 2014-A-0059 | Apple Mac OS X Security Update 2014-002 Severity: Category I - VMSKEY: V0049741 |
| 2014-B-0024 | Multiple Security Vulnerabilities in Apple iOS Severity: Category I - VMSKEY: V0046157 |
| 2014-A-0030 | Apple Mac OS X Security Update 2014-001 Severity: Category I - VMSKEY: V0044547 |
| 2014-B-0018 | Multiple Vulnerabilities in Apple Quick Time Severity: Category II - VMSKEY: V0044545 |
| 2014-B-0022 | Multiple Vulnerabilities in PostgreSQL Severity: Category I - VMSKEY: V0044531 |
| 2014-B-0017 | Apple iOS Security Bypass Vulnerability Severity: Category I - VMSKEY: V0044529 |
| 2014-B-0011 | Multiple Vulnerabilities in NVIDIA Graphics Driver Severity: Category I - VMSKEY: V0043922 |
| 2013-A-0179 | Apple Mac OS X Security Update 2013-004 Severity: Category I - VMSKEY: V0040373 |
| 2012-A-0189 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0035032 |
| 2012-A-0153 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0033884 |
| 2012-A-0073 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0032171 |
| 2012-A-0020 | Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity: Category I - VMSKEY: V0031252 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Office GIF image descriptor memory corruption attempt RuleID : 8414 - Type : FILE-OFFICE - Revision : 16 |
| 2014-01-10 | RCPT TO overflow RuleID : 654-community - Type : SERVER-MAIL - Revision : 28 |
| 2014-01-10 | RCPT TO overflow RuleID : 654 - Type : SERVER-MAIL - Revision : 28 |
| 2014-01-10 | Apple Safari x-unix-mode executable mail attachment RuleID : 5714 - Type : BROWSER-WEBKIT - Revision : 13 |
| 2021-01-12 | file URI redirect attempt RuleID : 56580 - Type : POLICY-OTHER - Revision : 1 |
| 2020-11-19 | Apple Safari Webkit attribute child removal code execution attempt RuleID : 56042 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-02-25 | Apple Safari user assisted applescript code execution attempt RuleID : 52622 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-02-25 | Apple Safari user assisted applescript code execution attempt RuleID : 52621 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52466 - Type : FILE-PDF - Revision : 1 |
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52465 - Type : FILE-PDF - Revision : 1 |
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52464 - Type : FILE-PDF - Revision : 1 |
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52463 - Type : FILE-PDF - Revision : 1 |
| 2020-01-07 | yaSSL SSL Hello Message buffer overflow attempt RuleID : 52366 - Type : SERVER-MYSQL - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit out-of-bounds read attempt RuleID : 52342 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit out-of-bounds read attempt RuleID : 52341 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit memory corruption attempt RuleID : 52316 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit memory corruption attempt RuleID : 52315 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit memory corruption attempt RuleID : 52314 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-03 | Apple Safari WebKit memory corruption attempt RuleID : 52313 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-12-24 | Mutiple products libpng extra row heap overflow attempt RuleID : 52307 - Type : FILE-IMAGE - Revision : 1 |
| 2019-12-24 | Mutiple products libpng extra row heap overflow attempt RuleID : 52306 - Type : FILE-IMAGE - Revision : 1 |
| 2019-11-15 | WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt RuleID : 51832 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-11-15 | WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt RuleID : 51831 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-11-12 | WebKit JavaScriptCore JSValue use after free attempt RuleID : 51824 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-11-12 | WebKit JavaScriptCore JSValue use after free attempt RuleID : 51823 - Type : BROWSER-WEBKIT - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2019-01-14 | Name: The remote Debian host is missing a security update. File: debian_DLA-1633.nasl - Type: ACT_GATHER_INFO |
| 2019-01-11 | Name: The remote device is missing a vendor-supplied security patch. File: juniper_jsa10916.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-4e088b6d7c.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-9dbe983805.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-a7ac26523d.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-bdc5bfaedc.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-ca03363d57.nasl - Type: ACT_GATHER_INFO |
| 2018-12-21 | Name: The remote Apple TV device is affected by multiple vulnerabilities. File: appletv_12_1_1.nasl - Type: ACT_GATHER_INFO |
| 2018-12-21 | Name: The remote host is missing a macOS update that fixes multiple security vulner... File: macos_10_14_2.nasl - Type: ACT_GATHER_INFO |
| 2018-12-21 | Name: The remote host is missing a macOS or Mac OS X security update that fixes mul... File: macosx_SecUpd2018-006.nasl - Type: ACT_GATHER_INFO |
| 2018-12-21 | Name: The remote host is missing a macOS security update that fixes multiple vulner... File: macosx_SecUpd_10_13_6_2018-003.nasl - Type: ACT_GATHER_INFO |
| 2018-12-01 | Name: The remote Debian host is missing a security update. File: debian_DLA-1601.nasl - Type: ACT_GATHER_INFO |
| 2018-11-30 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4347.nasl - Type: ACT_GATHER_INFO |
| 2018-11-27 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2017-2478.nasl - Type: ACT_GATHER_INFO |
| 2018-11-13 | Name: The remote Debian host is missing a security update. File: debian_DLA-1573.nasl - Type: ACT_GATHER_INFO |
| 2018-11-13 | Name: The remote Debian host is missing a security update. File: debian_DLA-1577.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote Apple TV device is affected by multiple vulnerabilities. File: appletv_12_1.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL17403481.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: itunes_12_9_1.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: itunes_12_9_1_banner.nasl - Type: ACT_GATHER_INFO |
| 2018-10-31 | Name: The remote host is missing a macOS update that fixes multiple security vulner... File: macos_10_14_1.nasl - Type: ACT_GATHER_INFO |
| 2018-10-31 | Name: The remote host is missing a macOS or Mac OS X security update that fixes mul... File: macosx_SecUpd2018-005.nasl - Type: ACT_GATHER_INFO |
| 2018-10-31 | Name: The remote host is missing a macOS security update that fixes multiple vulner... File: macosx_SecUpd_10_13_6_2018-002.nasl - Type: ACT_GATHER_INFO |
| 2018-10-18 | Name: The remote host is missing a macOS update that fixes multiple security vulner... File: macos_10_14.nasl - Type: ACT_GATHER_INFO |
| 2018-10-02 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: itunes_12_8_banner.nasl - Type: ACT_GATHER_INFO |
