CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-4444 287 +Priv 2014-10-17 2014-10-28
4.4
None Local Medium Not required Partial Partial Partial
SecurityAgent in Apple OS X before 10.10 does not ensure that a Kerberos ticket is in the cache for the correct user, which allows local users to gain privileges in opportunistic circumstances by leveraging a Fast User Switching login.
2 CVE-2014-4442 20 DoS 2014-10-17 2014-10-28
4.7
None Local Medium Not required None None Complete
The kernel in Apple OS X before 10.10 allows local users to cause a denial of service (panic) via a message to a system control socket.
3 CVE-2014-4438 362 2014-10-17 2014-10-28
4.4
None Local Medium Not required Partial Partial Partial
Race condition in LoginWindow in Apple OS X before 10.10 allows physically proximate attackers to obtain access by leveraging an unattended workstation on which screen locking had been attempted.
4 CVE-2014-4435 287 2014-10-17 2014-10-28
4.4
None Local Medium Not required Partial Partial Partial
The "iCloud Find My Mac" feature in Apple OS X before 10.10 does not properly enforce rate limiting of lost-mode PIN entry, which makes it easier for physically proximate attackers to obtain access via a brute-force attack involving a series of reboots.
5 CVE-2014-4434 20 DoS 2014-10-17 2014-10-28
4.9
None Local Low Not required None None Complete
The kernel in Apple OS X before 10.10 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted filename on an HFS filesystem.
6 CVE-2014-4432 310 2014-10-17 2014-10-28
4.0
None Local High Not required Complete None None
fdesetup in Apple OS X before 10.10 does not properly display the encryption status in between a setting-update action and a reboot action, which might make it easier for physically proximate attackers to obtain cleartext data by leveraging ignorance of the reboot requirement.
7 CVE-2014-4430 310 2014-10-17 2014-10-28
4.7
None Local Medium Not required Complete None None
CoreStorage in Apple OS X before 10.10 retains a volume's encryption keys upon an eject action in the unlocked state, which makes it easier for physically proximate attackers to obtain cleartext data via a remount.
8 CVE-2014-4426 200 +Info 2014-10-17 2014-10-23
4.3
None Remote Medium Not required Partial None None
AFP File Server in Apple OS X before 10.10 allows remote attackers to discover the network addresses of all interfaces via an unspecified command to one interface.
9 CVE-2014-4425 287 2014-10-17 2014-10-23
4.6
None Local Low Not required Partial Partial Partial
CFPreferences in Apple OS X before 10.10 does not properly enforce the "require password after sleep or screen saver begins" setting, which makes it easier for physically proximate attackers to obtain access by leveraging an unattended workstation.
10 CVE-2014-4423 264 Bypass 2014-09-18 2014-09-18
4.3
None Remote Medium Not required Partial None None
The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application.
11 CVE-2014-4409 200 +Info 2014-09-18 2014-09-28
4.3
None Remote Medium Not required Partial None None
WebKit in Apple iOS before 8 makes it easier for remote attackers to track users during private browsing via a crafted web site that reads HTML5 application-cache data that had been stored during normal browsing.
12 CVE-2014-4407 +Info 2014-09-18 2014-10-24
4.3
None Remote Medium Not required Partial None None
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.
13 CVE-2014-4406 79 XSS 2014-09-19 2014-10-24
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
14 CVE-2014-4383 20 2014-09-18 2014-09-18
4.3
None Remote Medium Not required None Partial None
The Assets subsystem in Apple iOS before 8 and Apple TV before 7 allows man-in-the-middle attackers to spoof a device's update status via a crafted Last-Modified HTTP response header.
15 CVE-2014-4364 310 2014-09-18 2014-10-24
4.3
None Remote Medium Not required Partial None None
The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash.
16 CVE-2014-4353 362 +Info 2014-09-18 2014-09-18
4.3
None Remote Medium Not required Partial None None
Race condition in iMessage in Apple iOS before 8 allows attackers to obtain sensitive information by leveraging the presence of an attachment after the deletion of its parent (1) iMessage or (2) MMS.
17 CVE-2014-2856 79 XSS 2014-04-18 2014-04-21
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.
18 CVE-2014-2019 264 Bypass 2014-02-18 2014-03-16
4.9
None Local Low Not required None Complete None
The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account action and then associate this service with a different Apple ID account, by entering an arbitrary iCloud Account Password value and a blank iCloud Account Description value.
19 CVE-2014-1372 264 Bypass +Info 2014-07-01 2014-07-24
4.9
None Local Low Not required Complete None None
Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations during processing of an unspecified system call, which allows local users to obtain sensitive information from kernel memory and bypass the ASLR protection mechanism via a crafted call.
20 CVE-2014-1369 20 2014-07-01 2014-07-24
4.3
None Remote Medium Not required Partial None None
WebKit in Apple Safari before 6.1.5 and 7.x before 7.0.5 allows user-assisted remote attackers to access file: URLs by leveraging a URL drag operation that originates at a crafted web site.
21 CVE-2014-1355 DoS 2014-07-01 2014-07-24
4.9
None Local Low Not required None None Complete
The IOKit implementation in the kernel in Apple iOS before 7.1.2 and Apple TV before 6.1.2, and in IOReporting in Apple OS X before 10.9.4, allows local users to cause a denial of service (NULL pointer dereference and reboot) via crafted API arguments.
22 CVE-2014-1350 264 Bypass 2014-07-01 2014-07-24
4.6
None Local Low Not required Partial Partial Partial
Settings in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended iCloud password requirement, and turn off the Find My iPhone service, by leveraging incorrect state management.
23 CVE-2014-1347 264 2014-05-18 2014-05-19
4.4
None Local Medium Not required Partial Partial Partial
Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary user accounts, via standard filesystem operations.
24 CVE-2014-1345 2014-07-01 2014-07-24
4.3
None Remote Medium Not required None Partial None
WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site.
25 CVE-2014-1322 200 Bypass +Info 2014-04-23 2014-04-24
4.9
None Local Low Not required Complete None None
The kernel in Apple OS X through 10.9.2 places a kernel pointer into an XNU object data structure accessible from user space, which makes it easier for local users to bypass the ASLR protection mechanism by reading an unspecified attribute of the object.
26 CVE-2014-1320 200 Bypass +Info 2014-04-23 2014-04-24
4.9
None Local Low Not required Complete None None
IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object.
27 CVE-2014-1296 264 Bypass 2014-04-23 2014-04-23
4.3
None Remote Medium Not required Partial None None
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction.
28 CVE-2014-1265 264 Bypass 2014-02-26 2014-02-27
4.6
None Local Low Not required Partial Partial Partial
The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock.
29 CVE-2014-1263 310 2014-02-26 2014-04-24
4.3
None Remote Medium Not required Partial None None
curl in Apple OS X 10.9.x before 10.9.2 does not verify X.509 certificates from HTTPS servers that are accessed using a numerical IP address, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
30 CVE-2014-1253 20 DoS Mem. Corr. 2014-02-14 2014-02-14
4.7
None Local Medium Not required None None Complete
AppleMNT.sys in Apple Boot Camp 5 before 5.1 allows local users to cause a denial of service (kernel memory corruption) or possibly have unspecified other impact via a malformed header in a Portable Executable (PE) file.
31 CVE-2013-6799 119 DoS Overflow Mem. Corr. 2013-11-17 2013-11-19
4.7
None Local Medium Not required None None Complete
Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0105.
32 CVE-2013-5193 255 2013-11-17 2013-11-19
4.7
None Local Medium Not required None Complete None
The App Store component in Apple iOS before 7.0.4 does not properly enforce an intended transaction-time password requirement, which allows local users to complete a (1) App purchase or (2) In-App purchase by leveraging previous entry of Apple ID credentials.
33 CVE-2013-5192 20 DoS 2013-10-23 2013-10-24
4.9
None Local Low Not required None None Complete
The USB hub controller in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a request with a crafted (1) port or (2) port number.
34 CVE-2013-5190 264 DoS 2013-10-23 2013-10-24
4.3
None Remote Medium Not required None None Partial
Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service (Smart Card usage outage) by interfering with the revocation-check procedure.
35 CVE-2013-5188 264 2013-10-23 2013-10-24
4.0
None Local High Not required Complete None None
The Screen Lock implementation in Apple Mac OS X before 10.9, when hibernation and autologin are enabled, does not require a password for a transition out of hibernation, which allows physically proximate attackers to obtain access by visiting an unattended workstation in the hibernating state.
36 CVE-2013-5185 310 +Info 2013-10-23 2013-10-24
4.3
None Remote Medium Not required Partial None None
The ldapsearch command-line program in OpenLDAP in Apple Mac OS X before 10.9 does not properly process the minssf configuration setting, which allows remote attackers to obtain sensitive information by leveraging unintended weak encryption and sniffing the network.
37 CVE-2013-5181 310 +Info 2013-10-23 2013-10-24
4.3
None Remote Medium Not required Partial None None
The auto-configuration feature in Mail in Apple Mac OS X before 10.9 selects plaintext authentication for unspecified servers that support CRAM-MD5 authentication, which allows remote attackers to obtain sensitive information by sniffing the network.
38 CVE-2013-5180 310 2013-10-23 2013-10-24
4.3
None Remote Medium Not required Partial None None
The srandomdev function in Libc in Apple Mac OS X before 10.9, when the kernel random-number generator is unavailable, produces predictable values instead of the intended random values, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of these values, related to a compiler-optimization issue.
39 CVE-2013-5177 189 DoS 2013-10-23 2013-10-24
4.9
None Local Low Not required None None Complete
The kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (panic) via an invalid iovec structure.
40 CVE-2013-5176 189 DoS 2013-10-23 2013-10-24
4.9
None Local Low Not required None None Complete
The kernel in Apple Mac OS X before 10.9 does not properly handle integer values during unspecified tty device operations, which allows local users to cause a denial of service (system hang) by triggering a truncation error.
41 CVE-2013-5174 189 DoS 2013-10-23 2013-10-24
4.9
None Local Low Not required None None Complete
Integer signedness error in the kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a crafted tty read operation.
42 CVE-2013-5166 DoS 2013-10-23 2013-10-24
4.9
None Local Low Not required None None Complete
The Bluetooth USB host controller in Apple Mac OS X before 10.9 prematurely deletes interfaces, which allows local users to cause a denial of service (system crash) via a crafted application.
43 CVE-2013-5161 264 Bypass 2013-09-27 2013-10-07
4.4
None Local Medium Not required Partial Partial Partial
Passcode Lock in Apple iOS before 7.0.2 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement, and open the Camera app or read the list of all recently opened apps, by leveraging unspecified transition errors.
44 CVE-2013-5159 264 Bypass +Info 2013-09-19 2013-10-22
4.3
None Remote Medium Not required Partial None None
WebKit in Apple iOS before 7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive information about use of the window.webkitRequestAnimationFrame API via an IFRAME element.
45 CVE-2013-5156 264 Bypass 2013-09-19 2013-10-22
4.3
None Remote Medium Not required Partial None None
The Telephony subsystem in Apple iOS before 7 does not require API conformity for access to telephony-daemon interfaces, which allows attackers to bypass intended restrictions on phone calls via a crafted app that sends direct requests to the daemon.
46 CVE-2013-5154 264 Bypass 2013-09-19 2013-10-25
4.3
None Remote Medium Not required None Partial None
The Sandbox subsystem in Apple iOS before 7 determines the sandboxing requirement for a #! application on the basis of the script interpreter instead of the script, which allows attackers to bypass intended access restrictions via a crafted application.
47 CVE-2013-5152 20 2013-09-19 2013-10-11
4.3
None Remote Medium Not required None Partial None
Mobile Safari in Apple iOS before 7 allows remote attackers to spoof the URL bar via a crafted web site.
48 CVE-2013-5151 79 XSS 2013-09-19 2013-10-22
4.3
None Remote Medium Not required None Partial None
Mobile Safari in Apple iOS before 7 does not prevent HTML interpretation of a document served with a text/plain content type, which allows remote attackers to conduct cross-site scripting (XSS) attacks by uploading a file.
49 CVE-2013-5149 264 +Info 2013-09-19 2013-10-25
4.3
None Remote Medium Not required Partial None None
The Push Notifications subsystem in Apple iOS before 7 provides the push-notification token to an app without user approval, which allows attackers to obtain sensitive information via an app that employs a crafted push-notification registration process.
50 CVE-2013-5142 200 +Info 2013-09-19 2013-10-30
4.9
None Local Low Not required Complete None None
The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the (1) msgctl API or (2) segctl API.
Total number of vulnerabilities : 368   Page : 1 (This Page)2 3 4 5 6 7 8
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.