Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-24 | CVE-2013-5162 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physically proximate attackers to bypass the passcode-failure disabled state by leveraging certain incorrect visibility of the passcode-entry view after use of the Phone app. | 2.1 |
| 2013-10-24 | CVE-2013-5144 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by tapping the emergency-call button during a certain notification and camera-pane state to trigger a NULL pointer dereference. | 3.3 |
| 2013-10-24 | CVE-2013-5136 | Information Exposure vulnerability in Apple Remote Desktop Apple Remote Desktop before 3.7 does not properly use server authentication-type information during decisions about whether to present an unencrypted-connection warning message, which allows remote attackers to obtain sensitive information in opportunistic circumstances by sniffing the network during an unintended cleartext VNC session. | 4.3 |
| 2013-10-24 | CVE-2013-5135 | USE of Externally-Controlled Format String vulnerability in Apple Remote Desktop and mac OS X Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username. | 7.5 |
| 2013-10-04 | CVE-2013-5163 | Improper Authentication vulnerability in Apple mac OS X Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update allows local users to bypass password-based authentication and modify arbitrary Directory Services records via unspecified vectors. | 6.6 |
| 2013-09-28 | CVE-2013-5161 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Passcode Lock in Apple iOS before 7.0.2 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement, and open the Camera app or read the list of all recently opened apps, by leveraging unspecified transition errors. | 4.4 |
| 2013-09-28 | CVE-2013-5160 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Passcode Lock in Apple iOS before 7.0.2 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by making a series of taps of the emergency-call button to trigger a NULL pointer dereference. | 3.3 |
| 2013-09-20 | CVE-2013-1130 | Permissions, Privileges, and Access Controls vulnerability in Cisco Anyconnect Secure Mobility Client Cisco AnyConnect Secure Mobility Client on Mac OS X uses weak permissions for a library directory, which allows local users to gain privileges via a crafted library file, aka Bug ID CSCue33619. | 6.8 |
| 2013-09-19 | CVE-2013-5159 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS WebKit in Apple iOS before 7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive information about use of the window.webkitRequestAnimationFrame API via an IFRAME element. | 4.3 |
| 2013-09-19 | CVE-2013-5158 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The Social subsystem in Apple iOS before 7 does not properly restrict access to the cache of Twitter icons, which allows physically proximate attackers to obtain sensitive information about recent Twitter interaction via unspecified vectors. | 2.1 |