Vulnerabilities > Apple > Macos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-11 | CVE-2019-14899 | Man-in-the-Middle vulnerability in multiple products A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. | 7.4 |
| 2019-07-01 | CVE-2019-13118 | Type Confusion vulnerability in multiple products In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. | 5.3 |
| 2001-02-12 | CVE-2001-0102 | Unspecified vulnerability in Apple Macos "Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password. | 7.2 |
| 2000-06-01 | CVE-1999-0590 | A system does not present an appropriate legal message or warning to a user who is accessing it. | 10.0 |
| 1999-12-28 | CVE-2000-0041 | Unspecified vulnerability in Apple Macos 9.0 Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack. | 5.0 |
| 1999-11-01 | CVE-1999-1077 | Unspecified vulnerability in Apple Macos 9 Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock. | 4.6 |
| 1999-10-26 | CVE-1999-1076 | Unspecified vulnerability in Apple Macos 9 Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session. | 4.6 |
| 1999-07-10 | CVE-1999-1543 | Unspecified vulnerability in Apple Macos MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File. | 4.6 |
| 1999-06-03 | CVE-1999-1412 | A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes. | 5.0 |
| 1999-05-21 | CVE-1999-1393 | Unspecified vulnerability in Apple Macos 8.5/8.6 Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible. | 4.6 |