Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mac os x 10.8.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-3949
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _POSIX_SPAWN_DISABLE_ASLR and _POSIX_SPAWN_ALLOW_DATA_EXEC flags for setuid and setgid programs, which allows local users to bypass intended access restrictions via a wrapper progra...
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.1
NA
CVE-2013-3952
The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in Apple Mac OS X 10.8.x allows local users to defeat the KASLR protection mechanism via the PROC_PIDFDPIPEINFO option to the proc_info system call for a kernel pipe handle.
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.1
NA
CVE-2013-5163
Directory Services in Apple Mac OS X prior to 10.8.5 Supplemental Update allows local users to bypass password-based authentication and modify arbitrary Directory Services records via unspecified vectors.
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X
Apple Mac Os X 10.8.4
NA
CVE-2014-1257
CFNetwork in Apple OS X up to and including 10.8.5 does not remove session cookies upon a Safari reset action, which allows physically proximate malicious users to bypass intended access restrictions by leveraging an unattended workstation.
Apple Mac Os X 10.8.5
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.0
Apple Mac Os X
Apple Mac Os X 10.8.4
NA
CVE-2013-5165
socketfilterfw in Application Firewall in Apple Mac OS X prior to 10.9 does not properly implement the --blockApp option, which allows remote malicious users to bypass intended access restrictions via a network connection to an application for which blocking was configured.
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X
Apple Mac Os X 10.8.5
NA
CVE-2013-5166
The Bluetooth USB host controller in Apple Mac OS X prior to 10.9 prematurely deletes interfaces, which allows local users to cause a denial of service (system crash) via a crafted application.
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.5
Apple Mac Os X 10.8.4
Apple Mac Os X
NA
CVE-2013-5167
CFNetwork in Apple Mac OS X prior to 10.9 does not properly support Safari's deletion of session cookies in response to a reset operation, which makes it easier for remote web servers to track users via Set-Cookie HTTP headers.
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X
Apple Mac Os X 10.8.5
NA
CVE-2013-5168
Console in Apple Mac OS X prior to 10.9 allows user-assisted remote malicious users to execute arbitrary applications by triggering a log entry with a crafted attached URL.
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.5
Apple Mac Os X 10.8.1
Apple Mac Os X
NA
CVE-2013-5169
CoreGraphics in Apple Mac OS X prior to 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physically proximate malicious users to obtain sensitive information by reading the screen.
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.5
Apple Mac Os X 10.8.4
Apple Mac Os X
NA
CVE-2013-5170
Buffer underflow in CoreGraphics in Apple Mac OS X prior to 10.9 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
Apple Mac Os X 10.8.5
Apple Mac Os X
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »