The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service (panic) via a size value that is inconsistent with a header count field, or (2) obtain sensitive information from kernel heap memory via a certain size value in conjunction with a crafted buffer.
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to 6.1.4 (inclusive)
|8040||Mac OS X < 10.9 Multiple Vulnerabilities||Nessus Network Monitor||Web Clients|
|70561||Mac OS X 10.x < 10.9 Multiple Vulnerabilities (BEAST)||Nessus||MacOS X Local Security Checks|
|70257||Apple TV < 6.0 Multiple Vulnerabilities||Nessus||Misc.|
|69984||Apple iOS < 7 Multiple Vulnerabilities||Nessus||Mobile Devices|
|8013||Apple iOS < 7.0 Multiple Vulnerabilities||Nessus Network Monitor||Mobile Devices|