NotCVE - vendor:"Apple" product:"Mac Os X" version:" <= 10.10.0"

Page 183 of 2914 results (0.012 seconds)

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-5173

https://notcve.org/view.php?id=CVE-2013-5173

24 Oct 2013 — The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy exclusive access for processing of large requests, which allows local users to cause a denial of service (temporary generator outage) via an application that requires many random numbers. El generador de números aleatorios en el kernel de Apple Mac OS X anteriores a 10.9 proporciona acceso exclusivo estenso para procesar peticiones grandes, lo cual permite a usuarios locales causar denegación de servicio (agotamiento te... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-310: Cryptographic Issues •

CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-5171

https://notcve.org/view.php?id=CVE-2013-5171

24 Oct 2013 — CoreGraphics in Apple Mac OS X before 10.9 allows local users to bypass secure input mode and log an arbitrary application's keystrokes via a hotkey event registration. CoreGraphics en Apple Mac OS X anterior a la versión 10.9 permite a atacantes locales evadir el modo de entrada segura y registrar pulsaciones de teclado de una aplicación arbitraria a través de un evento de registro hotkey. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.8EPSS: 3%CPEs: 20EXPL: 0

CVE-2013-5135

https://notcve.org/view.php?id=CVE-2013-5135

24 Oct 2013 — Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username. Vulnerabilidad de format string en Screen Sharing Server de Apple Mac OS X anterior a 10.9 y Apple Remote Desktop anterior a 3.5.4 permite a atacantes remotos ejecutar código arbitrario a través especificadores de formato de cadena en el nombre de usuario VNC. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-134: Use of Externally-Controlled Format String •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-5185

https://notcve.org/view.php?id=CVE-2013-5185

24 Oct 2013 — The ldapsearch command-line program in OpenLDAP in Apple Mac OS X before 10.9 does not properly process the minssf configuration setting, which allows remote attackers to obtain sensitive information by leveraging unintended weak encryption and sniffing the network. El programa de línea de comandos ldapsearch en OpenLDAP en Apple Mac OS X anteriores a 10.9 no procesa correctamente la configuración de minssf, lo cual permite a atacantes remotos obtener información sensible aprovechándose de cifrados débiles ... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-310: Cryptographic Issues •

CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-5167

https://notcve.org/view.php?id=CVE-2013-5167

24 Oct 2013 — CFNetwork in Apple Mac OS X before 10.9 does not properly support Safari's deletion of session cookies in response to a reset operation, which makes it easier for remote web servers to track users via Set-Cookie HTTP headers. CFNetwork en Apple Mac OS X anterior 10.9 no soporta apropiadamente el borrado de cookies cuando se realiza una operación de reset en Safari, lo que hace más fácil a los servidores web remotos rastrear usuarios a través de cabeceras Set-Cookie HTTP. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-16: Configuration •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-5192

https://notcve.org/view.php?id=CVE-2013-5192

24 Oct 2013 — The USB hub controller in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a request with a crafted (1) port or (2) port number. El controlador hub USB en Apple Mac OS X anterior a la versión 10.9 permite a usuarios locales provocar una denegación de servicio (caída del sistema) a través de una solicitud manipulada con un (1) puerto o (2) el número de puerto. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-20: Improper Input Validation •

CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-5175

https://notcve.org/view.php?id=CVE-2013-5175

24 Oct 2013 — The kernel in Apple Mac OS X before 10.9 allows local users to obtain sensitive information or cause a denial of service (out-of-bounds read and system crash) via a crafted Mach-O file. El kernel en Apple Mac OS X anterior a 10.9 permite a usuarios locales obtener información sensible o causar una denegación de servicio (lectura fuera de rango y caída del sistema) a través de un archivo Mach-O manipulado. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-20: Improper Input Validation •

CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-5187

https://notcve.org/view.php?id=CVE-2013-5187

24 Oct 2013 — The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a certain timeout setting, which allows physically proximate attackers to obtain sensitive information by reading a screen that should have transitioned into the locked state. La implementación de Screen Lock en Apple Mac OS X anterior a la versión 10.9 no acepta inmediatamente el menú Keychain Status de comandos Lock Screen, y en su lugar conf... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-5176

https://notcve.org/view.php?id=CVE-2013-5176

24 Oct 2013 — The kernel in Apple Mac OS X before 10.9 does not properly handle integer values during unspecified tty device operations, which allows local users to cause a denial of service (system hang) by triggering a truncation error. El kernel en Apple Mac OS X anterior a 10.9 no maneja apropiadamente los valores enteros durante operaciones de dispositivos tty no especificados, lo que permite a usuarios locales causar una denegación de servicio (cuelgue de sistema) disparando un error de truncado. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-5180

https://notcve.org/view.php?id=CVE-2013-5180

24 Oct 2013 — The srandomdev function in Libc in Apple Mac OS X before 10.9, when the kernel random-number generator is unavailable, produces predictable values instead of the intended random values, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of these values, related to a compiler-optimization issue. La función srandomdev en Libc en Apple Mac OS X anteriores a 10.9, cuando el generador de números aleatorios del kernel no está disponible, pro... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-310: Cryptographic Issues •

1...181 182 183 184 185