mac_os_x vulnerabilities and exploits

4.3
CVSSv2
CVE-2018-4112

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "ATS" component. It allows attackers to obtain sensitive information by leveraging symlink mishandling....

7.5
CVSSv2
CVE-2017-7123

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the third-party "file" product. Versions before 5.30 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact....

4.3
CVSSv2
CVE-2018-4111

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Mail" component. It allows man-in-the-middle attackers to read S/MIME encrypted message content by sending HTML e-mail that references remote resources but...

6.8
CVSSv2
CVE-2017-13807

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted QuickTime file....

9.3
CVSSv2
CVE-2015-3691

The Monitor Control Command Set kernel extension in the Display Drivers subsystem in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages control of a function pointer....

7.2
CVSSv2
CVE-2015-3678

AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands....

6.8
CVSSv2
CVE-2016-4599

QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop document....

6.8
CVSSv2
CVE-2014-4441

NetFS Client Framework in Apple OS X before 10.10 does not ensure that the disabling of File Sharing is always possible, which allows remote attackers to read or write to files by leveraging a state in which File Sharing is permanently enabled....

9.3
CVSSv2
CVE-2016-4671

An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) via a crafted...

AppleMac Os X
4.3
CVSSv2
CVE-2013-5190

Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service (Smart Card usage outage) by interfering with the revocation-check procedure....