cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2017-2488,https://securityvulnerability.io/vulnerability/CVE-2017-2488,Cryptographic Vulnerability in Apple Remote Desktop Authentication Protocol,"A vulnerability in the authentication protocol of Apple Remote Desktop exposes users to potential attacks, allowing malicious actors to capture cleartext passwords. This cryptographic weakness compromises the security of user sessions, making it imperative for users to upgrade to Apple Remote Desktop 3.9 or later, where the issue has been remedied by the implementation of the Secure Remote Password authentication protocol.",Apple,Apple Remote Desktop,7.5,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2021-12-23T19:48:20.000Z,0
CVE-2013-5135,https://securityvulnerability.io/vulnerability/CVE-2013-5135,,Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username.,Apple,Apple Remote Desktop,,,0.03067000024020672,false,,false,false,false,,,false,false,,2013-10-24T03:48:00.000Z,0
CVE-2013-5136,https://securityvulnerability.io/vulnerability/CVE-2013-5136,,"Apple Remote Desktop before 3.7 does not properly use server authentication-type information during decisions about whether to present an unencrypted-connection warning message, which allows remote attackers to obtain sensitive information in opportunistic circumstances by sniffing the network during an unintended cleartext VNC session.",Apple,Apple Remote Desktop,,,0.0028299998957663774,false,,false,false,false,,,false,false,,2013-10-24T03:48:00.000Z,0
CVE-2012-0681,https://securityvulnerability.io/vulnerability/CVE-2012-0681,,"Apple Remote Desktop before 3.6.1 does not recognize the ""Encrypt all network data"" setting during connections to third-party VNC servers, which allows remote attackers to obtain cleartext VNC session content by sniffing the network.",Apple,Apple Remote Desktop,,,0.00215000007301569,false,,false,false,false,,,false,false,,2012-08-22T10:00:00.000Z,0
CVE-2006-4887,https://securityvulnerability.io/vulnerability/CVE-2006-4887,,"Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it.",Apple,Apple Remote Desktop,,,0.0006000000284984708,false,,false,false,false,,,false,false,,2006-09-19T21:00:00.000Z,0
CVE-2004-0962,https://securityvulnerability.io/vulnerability/CVE-2004-0962,,"Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which allows remote authenticated users to execute arbitrary code when loginwindow is active via Fast User Switching.",Apple,Apple Remote Desktop,,,0.008070000447332859,false,,false,false,false,,,false,false,,2005-02-09T05:00:00.000Z,0