Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by tapping the. Rated low severity (CVSS 3.3). No vendor patch available.
CoreGraphics in Apple Mac OS X before 10.9 allows local users to bypass secure input mode and log an arbitrary application's keystrokes via a hotkey event registration. Rated low severity (CVSS 3.3). No vendor patch available.
Multiple race conditions in the Phone app in Apple iOS before 7.0.3 allow physically proximate attackers to bypass the locked state, and dial the telephone numbers in arbitrary Contacts entries, by. Rated low severity (CVSS 3.3). No vendor patch available.
The storeFiles method in JPADriftServerBean in Red Hat JBoss Operations Network (JON) 3.1.2 allows local users to load arbitrary drift files into a server by writing the files to the temporary. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.
Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used,. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
Mail in Apple Mac OS X before 10.9, when Kerberos authentication is enabled and TLS is disabled, sends invalid cleartext data, which allows remote attackers to obtain sensitive information by. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
Power Management in Apple Mac OS X before 10.9 does not properly handle the interaction between locking and power assertions, which allows physically proximate attackers to obtain sensitive. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physically proximate attackers to bypass the passcode-failure disabled state by leveraging certain incorrect visibility of the. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
The syslog implementation in Apple Mac OS X before 10.9 allows local users to obtain sensitive information by leveraging access to the Guest account and reading console-log messages from previous. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy exclusive access for processing of large requests, which allows local users to cause a denial of service. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs passwords in plaintext, which allows local users to obtain sensitive information by reading the log files. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a certain timeout setting, which. Rated low severity (CVSS 1.9). No vendor patch available.
CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physically proximate attackers to. Rated low severity (CVSS 1.9). No vendor patch available.