cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*
CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files.
Max CVSS
2.1
EPSS Score
0.06%
Published
2014-11-18
Updated
2017-08-29
The "System Profiler About This Mac" component in Apple OS X before 10.10.1 includes extraneous cookie data in system-model requests, which might allow remote attackers to obtain sensitive information via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.65%
Published
2014-11-18
Updated
2017-08-29
Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.69%
Published
2014-11-18
Updated
2017-08-29
The MCX Desktop Config Profiles implementation in Apple OS X before 10.10 retains web-proxy settings from uninstalled mobile-configuration profiles, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging access to an unintended proxy server.
Max CVSS
2.6
EPSS Score
0.27%
Published
2014-10-18
Updated
2017-08-29
Mail in Apple OS X before 10.10 does not properly recognize the removal of a recipient address from a message, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading a message intended exclusively for other recipients.
Max CVSS
4.3
EPSS Score
0.46%
Published
2014-10-18
Updated
2017-08-29
AFP File Server in Apple OS X before 10.10 allows remote attackers to discover the network addresses of all interfaces via an unspecified command to one interface.
Max CVSS
4.3
EPSS Score
0.60%
Published
2014-10-18
Updated
2017-08-29
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.
Max CVSS
4.3
EPSS Score
0.15%
Published
2014-09-18
Updated
2019-03-08
The kernel in Apple OS X through 10.9.2 places a kernel pointer into an XNU object data structure accessible from user space, which makes it easier for local users to bypass the ASLR protection mechanism by reading an unspecified attribute of the object.
Max CVSS
4.9
EPSS Score
0.05%
Published
2014-04-23
Updated
2014-04-24
IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object.
Max CVSS
4.9
EPSS Score
2.97%
Published
2014-04-23
Updated
2019-03-08
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!