Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Mac Os X  >> 10.8.0  Security Vulnerabilities
CVE-2015-3678
AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands.
CVSS Score
7.2
EPSS Score
0.002
Published
2015-07-03
CVE-2015-3677
The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
CVSS Score
4.3
EPSS Score
0.003
Published
2015-07-03
CVE-2015-3675
The default configuration of the Apache HTTP Server on Apple OS X before 10.10.4 does not enable the mod_hfs_apple module, which allows remote attackers to bypass HTTP authentication via a crafted URL.
CVSS Score
5.0
EPSS Score
0.003
Published
2015-07-03
CVE-2015-3676
AppleGraphicsControl in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information via a crafted app.
CVSS Score
4.3
EPSS Score
0.003
Published
2015-07-03
CVE-2015-3674
afpserver in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.022
Published
2015-07-03
CVE-2015-3673
Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of writeconfig clients, which allows local users to obtain root privileges by moving and then modifying Directory Utility.
CVSS Score
7.2
EPSS Score
0.06
Published
2015-07-03
CVE-2015-3672
Admin Framework in Apple OS X before 10.10.4 does not properly handle authentication errors, which allows local users to obtain admin privileges via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.0
Published
2015-07-03
CVE-2015-3671
Admin Framework in Apple OS X before 10.10.4 does not properly verify XPC entitlements, which allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.0
Published
2015-07-03
CVE-2015-3669
QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3664 and CVE-2015-3665.
CVSS Score
6.8
EPSS Score
0.02
Published
2015-07-03
CVE-2015-3668
QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, and CVE-2015-3667.
CVSS Score
6.8
EPSS Score
0.036
Published
2015-07-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved