Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Mac Os X  >> 10.9.5  Security Vulnerabilities
CVE-2015-3143
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
CVSS Score
5.0
EPSS Score
0.162
Published
2015-04-24
CVE-2015-1148
Screen Sharing in Apple OS X before 10.10.3 stores the password of a user in a log file, which might allow context-dependent attackers to obtain sensitive information by reading this file.
CVSS Score
5.0
EPSS Score
0.015
Published
2015-04-10
CVE-2015-1147
Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in certain circumstances involving missing certificates, which allows remote attackers to obtain sensitive information by sniffing the network.
CVSS Score
5.0
EPSS Score
0.016
Published
2015-04-10
CVE-2015-1146
The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145.
CVSS Score
1.9
EPSS Score
0.004
Published
2015-04-10
CVE-2015-1145
The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146.
CVSS Score
1.9
EPSS Score
0.004
Published
2015-04-10
CVE-2015-1144
Buffer overflow in the UniformTypeIdentifiers component in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted Uniform Type Identifier.
CVSS Score
7.2
EPSS Score
0.004
Published
2015-04-10
CVE-2015-1142
LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service (Finder crash) via crafted localization data.
CVSS Score
2.1
EPSS Score
0.004
Published
2015-04-10
CVE-2015-1143
LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue.
CVSS Score
7.2
EPSS Score
0.005
Published
2015-04-10
CVE-2015-1141
The mach_vm_read functionality in the kernel in Apple OS X before 10.10.3 allows local users to cause a denial of service (system crash) via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.004
Published
2015-04-10
CVE-2015-1140
Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.01
Published
2015-04-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved