Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Mac Os X  >> 10.8.0  Security Vulnerabilities
CVE-2016-1851
The Screen Lock feature in Apple OS X before 10.11.5 mishandles password profiles, which allows physically proximate attackers to reset expired passwords in the lock-screen state via unspecified vectors.
CVSS Score
4.6
EPSS Score
0.001
Published
2016-05-20
CVE-2016-1850
SceneKit in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.
CVSS Score
7.8
EPSS Score
0.005
Published
2016-05-20
CVE-2016-1848
QuickTime in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.
CVSS Score
7.8
EPSS Score
0.033
Published
2016-05-20
CVE-2016-1847
OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVSS Score
8.8
EPSS Score
0.008
Published
2016-05-20
CVE-2016-1846
The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference and memory corruption) via a crafted app.
CVSS Score
7.8
EPSS Score
0.01
Published
2016-05-20
CVE-2016-1844
The Messages component in Apple OS X before 10.11.5 mishandles roster changes, which allows remote attackers to modify contact lists via unspecified vectors.
CVSS Score
5.3
EPSS Score
0.012
Published
2016-05-20
CVE-2016-1843
The Messages component in Apple OS X before 10.11.5 mishandles filename encoding, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.013
Published
2016-05-20
CVE-2016-1842
MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic.
CVSS Score
7.5
EPSS Score
0.012
Published
2016-05-20
CVE-2016-1841
libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVSS Score
8.8
EPSS Score
0.017
Published
2016-05-20
CVE-2016-1840
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
CVSS Score
7.8
EPSS Score
0.021
Published
2016-05-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved