Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Mac Os X  >> 10.8.3  Security Vulnerabilities
CVE-2016-1860
Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862.
CVSS Score
3.3
EPSS Score
0.002
Published
2016-06-19
CVE-2016-4171
Known exploited
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
CVSS Score
9.8
EPSS Score
0.236
Published
2016-06-16
CVE-2016-4448
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
CVSS Score
9.8
EPSS Score
0.016
Published
2016-06-09
CVE-2016-4447
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
CVSS Score
7.5
EPSS Score
0.028
Published
2016-06-09
CVE-2016-4073
Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call.
CVSS Score
9.8
EPSS Score
0.038
Published
2016-05-20
CVE-2016-4072
The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the phar_analyze_path function in ext/phar/phar.c.
CVSS Score
9.8
EPSS Score
0.057
Published
2016-05-20
CVE-2016-4071
Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.
CVSS Score
9.8
EPSS Score
0.255
Published
2016-05-20
CVE-2016-1853
Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support.
CVSS Score
7.5
EPSS Score
0.013
Published
2016-05-20
CVE-2016-1851
The Screen Lock feature in Apple OS X before 10.11.5 mishandles password profiles, which allows physically proximate attackers to reset expired passwords in the lock-screen state via unspecified vectors.
CVSS Score
4.6
EPSS Score
0.001
Published
2016-05-20
CVE-2016-1850
SceneKit in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.
CVSS Score
7.8
EPSS Score
0.005
Published
2016-05-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved