Total
5524 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-5754 | 1 Apple | 1 Mac Os X | 2017-09-20 | 9.3 HIGH | N/A |
Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages incorrect privilege dropping associated with a locking error. | |||||
CVE-2015-5753 | 1 Apple | 2 Mac Os X, Quicktime | 2017-09-20 | 6.8 MEDIUM | N/A |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, and CVE-2015-5779. | |||||
CVE-2015-5751 | 1 Apple | 2 Mac Os X, Quicktime | 2017-09-20 | 6.8 MEDIUM | N/A |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5753, and CVE-2015-5779. | |||||
CVE-2015-5750 | 1 Apple | 1 Mac Os X | 2017-09-20 | 7.5 HIGH | N/A |
Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted series of Unicode characters. | |||||
CVE-2015-5748 | 1 Apple | 3 Iphone Os, Mac Os X, Safari | 2017-09-20 | 2.1 LOW | N/A |
The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume. | |||||
CVE-2015-5747 | 1 Apple | 1 Mac Os X | 2017-09-20 | 4.9 MEDIUM | N/A |
The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial of service (resource consumption) via unspecified vectors. | |||||
CVE-2015-5125 | 5 Adobe, Apple, Linux and 2 more | 8 Air, Air Sdk, Air Sdk \& Compiler and 5 more | 2017-09-20 | 10.0 HIGH | N/A |
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2015-3799 | 1 Apple | 1 Mac Os X | 2017-09-20 | 9.3 HIGH | N/A |
The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers to change arbitrary user passwords via a crafted app. | |||||
CVE-2015-3791 | 1 Apple | 2 Mac Os X, Quicktime | 2017-09-20 | 6.8 MEDIUM | N/A |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | |||||
CVE-2015-3794 | 1 Apple | 1 Mac Os X | 2017-09-20 | 6.8 MEDIUM | N/A |
The Speech UI in Apple OS X before 10.10.5, when speech alerts are enabled, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Unicode string. | |||||
CVE-2015-3790 | 1 Apple | 2 Mac Os X, Quicktime | 2017-09-20 | 6.8 MEDIUM | N/A |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | |||||
CVE-2015-3789 | 1 Apple | 2 Mac Os X, Quicktime | 2017-09-20 | 6.8 MEDIUM | N/A |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | |||||
CVE-2015-3788 | 1 Apple | 2 Mac Os X, Quicktime | 2017-09-20 | 6.8 MEDIUM | N/A |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | |||||
CVE-2015-3787 | 1 Apple | 1 Mac Os X | 2017-09-20 | 3.3 LOW | N/A |
The Bluetooth subsystem in Apple OS X before 10.10.5 allows remote attackers to cause a denial of service via malformed Bluetooth ACL packets. | |||||
CVE-2015-3786 | 1 Apple | 1 Mac Os X | 2017-09-20 | 4.3 MEDIUM | N/A |
The Bluetooth subsystem in Apple OS X before 10.10.5 does not properly restrict Notification Center Service access, which allows attackers to read Notification Center notifications of certain paired devices via a crafted app. | |||||
CVE-2015-3783 | 1 Apple | 1 Mac Os X | 2017-09-20 | 7.5 HIGH | N/A |
SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | |||||
CVE-2015-3781 | 1 Apple | 1 Mac Os X | 2017-09-20 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X before 10.10.5 allows remote attackers to inject arbitrary web script or HTML via a previously visited web site that is rendered during a Quick Look search. | |||||
CVE-2015-3780 | 1 Apple | 1 Mac Os X | 2017-09-20 | 4.3 MEDIUM | N/A |
The Bluetooth subsystem in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. | |||||
CVE-2015-3779 | 1 Apple | 2 Mac Os X, Quicktime | 2017-09-20 | 6.8 MEDIUM | N/A |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | |||||
CVE-2015-3777 | 1 Apple | 1 Mac Os X | 2017-09-20 | 7.2 HIGH | N/A |
Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages. |