Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mac os x 10.7.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-3225
The SMB File Server component in Apple Mac OS X 10.7 prior to 10.7.2 does not prevent all guest users from accessing the share point record of a guest-restricted folder, which allows remote malicious users to bypass intended browsing restrictions by leveraging access to the nobod...
Apple Mac Os X Server 10.7.1
Apple Mac Os X 10.7.0
Apple Mac Os X Server 10.7.0
Apple Mac Os X 10.7.1
2.1
CVSSv2
CVE-2011-3435
Open Directory in Apple Mac OS X 10.7 prior to 10.7.2 allows local users to read the password data of arbitrary users via unspecified vectors.
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7.0
Apple Mac Os X 10.7.1
Apple Mac Os X 10.7.0
4.6
CVSSv2
CVE-2011-0260
The CoreProcesses component in Apple Mac OS X 10.7 prior to 10.7.2 does not prevent a system window from receiving keystrokes in the locked-screen state, which might allow physically proximate malicious users to bypass intended access restrictions by typing into this window.
Apple Mac Os X 10.7.1
Apple Mac Os X 10.7.0
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7.0
2.1
CVSSv2
CVE-2011-3212
CoreStorage in Apple Mac OS X 10.7 prior to 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate malicious users to obtain sensitive information by reading directly from the disk device.
Apple Mac Os X Server 10.7.1
Apple Mac Os X 10.7.0
Apple Mac Os X Server 10.7.0
Apple Mac Os X 10.7.1
6.8
CVSSv2
CVE-2011-3226
Open Directory in Apple Mac OS X 10.7 prior to 10.7.2, when an LDAPv3 server is used with RFC 2307 or custom mappings, allows remote malicious users to bypass the password requirement by leveraging lack of an AuthenticationAuthority attribute for a user account.
Apple Mac Os X 10.7.1
Apple Mac Os X 10.7.0
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7.0
6.5
CVSSv2
CVE-2011-3436
Open Directory in Apple Mac OS X 10.7 prior to 10.7.2 does not require a user to provide the current password before changing this password, which allows remote malicious users to bypass intended password-change restrictions by leveraging an unattended workstation.
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7.0
Apple Mac Os X 10.7.1
Apple Mac Os X 10.7.0
6.8
CVSSv2
CVE-2011-3437
Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.7 prior to 10.7.2 allows remote malicious users to execute arbitrary code via a crafted embedded Type 1 font in a document.
Apple Mac Os X 10.7.0
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7.0
Apple Mac Os X 10.7.1
6.8
CVSSv2
CVE-2011-3449
Use-after-free vulnerability in CoreText in Apple Mac OS X prior to 10.7.3 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document.
Apple Mac Os X 10.7.0
Apple Mac Os X Server 10.7.0
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server
Apple Mac Os X 10.7.1
Apple Mac Os X
7.5
CVSSv2
CVE-2011-3453
Integer overflow in libresolv in Apple Mac OS X prior to 10.7.3 allows remote malicious users to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via crafted DNS data.
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server
Apple Mac Os X 10.7.0
Apple Mac Os X Server 10.7.0
Apple Mac Os X
Apple Mac Os X 10.7.1
4.3
CVSSv2
CVE-2011-3444
Address Book in Apple Mac OS X prior to 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote malicious users to read CardDAV data by terminating an encrypted connection and then sniffing the network.
Apple Mac Os X 10.7.0
Apple Mac Os X Server 10.7.1
Apple Mac Os X 10.7.1
Apple Mac Os X
Apple Mac Os X Server 10.7.0
Apple Mac Os X Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »