Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mac os x 10.8.2 vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2013-3951
sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning...
Apple Watchos
Apple Iphone Os
Apple Mac Os X
Apple Mac Os X 10.8.3
Apple Iphone Os 6.1.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
436
VMScore
CVE-2013-3953
The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call.
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
Apple Iphone Os 6.1.2
Apple Iphone Os 3.0
Apple Iphone Os 3.2
Apple Iphone Os 3.1.3
Apple Iphone Os 1.0.2
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os
Apple Iphone Os 2.2
Apple Iphone Os 1.1.1
Apple Iphone Os 6.1.3
Apple Iphone Os 5.1
Apple Iphone Os 4.2.8
Apple Iphone Os 6.0.2
Apple Iphone Os 4.1
Apple Iphone Os 2.0.0
Apple Iphone Os 3.1.2
187
VMScore
CVE-2013-3952
The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in Apple Mac OS X 10.8.x allows local users to defeat the KASLR protection mechanism via the PROC_PIDFDPIPEINFO option to the proc_info system call for a kernel pipe handle.
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
614
VMScore
CVE-2013-3954
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service (panic) via a size value that is inconsistent with a header count field, or (2) ...
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
Apple Iphone Os 6.1.2
Apple Iphone Os 3.0
Apple Iphone Os 3.2
Apple Iphone Os 3.1.3
Apple Iphone Os 1.0.2
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os
Apple Iphone Os 2.2
Apple Iphone Os 1.1.1
Apple Iphone Os 6.1.3
Apple Iphone Os 5.1
Apple Iphone Os 4.2.8
Apple Iphone Os 6.0.2
Apple Iphone Os 4.1
Apple Iphone Os 2.0.0
Apple Iphone Os 3.1.2
187
VMScore
CVE-2013-3949
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _POSIX_SPAWN_DISABLE_ASLR and _POSIX_SPAWN_ALLOW_DATA_EXEC flags for setuid and setgid programs, which allows local users to bypass intended access restrictions via a wrapper progra...
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
383
VMScore
CVE-2013-0967
CoreTypes in Apple Mac OS X prior to 10.8.3 includes JNLP files in the list of safe file types, which allows remote malicious users to bypass a Java plug-in disabled setting, and trigger the launch of Java Web Start applications, via a crafted web site.
Apple Mac Os X Server 10.7.3
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7.2
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.5
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.4
Apple Mac Os X Server 10.7.0
Apple Mac Os X 10.7.0
Apple Mac Os X 10.7.1
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
436
VMScore
CVE-2013-0969
Login Window in Apple Mac OS X prior to 10.8.3 does not prevent application launching with the VoiceOver feature, which allows physically proximate malicious users to bypass authentication and make arbitrary System Preferences changes via unspecified use of the keyboard.
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
605
VMScore
CVE-2013-0971
Use-after-free vulnerability in PDFKit in Apple Mac OS X prior to 10.8.3 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via crafted ink annotations in a PDF document.
Apple Mac Os X 10.6.8
Apple Mac Os X Server 10.6.8
Apple Mac Os X Server 10.7.3
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7.5
Apple Mac Os X Server 10.7.2
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.5
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.4
Apple Mac Os X Server 10.7.0
Apple Mac Os X 10.7.0
Apple Mac Os X Server 10.7.4
Apple Mac Os X 10.7.1
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
570
VMScore
CVE-2013-0966
The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X prior to 10.8.3 does not properly handle ignorable Unicode characters, which allows remote malicious users to bypass intended directory authentication requirements via a crafted pathname in a URI.
Apple Mac Os X 10.6.8
Apple Mac Os X Server 10.6.8
Apple Mac Os X Server 10.7.3
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7.5
Apple Mac Os X Server 10.7.2
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.5
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.4
Apple Mac Os X Server 10.7.0
Apple Mac Os X 10.7.0
Apple Mac Os X Server 10.7.4
Apple Mac Os X 10.7.1
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
383
VMScore
CVE-2013-0970
Messages in Apple Mac OS X prior to 10.8.3 allows remote malicious users to bypass the FaceTime call-confirmation prompt via a crafted FaceTime: URL.
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »