Total
5524 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-3796 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-15 | 7.5 HIGH | N/A |
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and CVE-2015-3798. | |||||
CVE-2013-5229 | 1 Apple | 2 Apple Remote Desktop, Mac Os X | 2017-09-13 | 3.7 LOW | N/A |
The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box. | |||||
CVE-2015-7648 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-09-12 | 10.0 HIGH | N/A |
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7647. | |||||
CVE-2015-7647 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-09-12 | 10.0 HIGH | N/A |
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648. | |||||
CVE-2015-7110 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-12 | 6.9 MEDIUM | N/A |
The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image. | |||||
CVE-2015-7109 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-12 | 9.3 HIGH | N/A |
IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2015-7108 | 1 Apple | 1 Mac Os X | 2017-09-12 | 7.2 HIGH | N/A |
The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | |||||
CVE-2015-7107 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-12 | 6.8 MEDIUM | N/A |
QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file. | |||||
CVE-2015-7106 | 1 Apple | 1 Mac Os X | 2017-09-12 | 7.2 HIGH | N/A |
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | |||||
CVE-2015-7094 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-12 | 2.6 LOW | N/A |
CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL. | |||||
CVE-2015-7081 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-12 | 5.0 MEDIUM | N/A |
iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
CVE-2015-7078 | 1 Apple | 1 Mac Os X | 2017-09-12 | 7.2 HIGH | N/A |
Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects. | |||||
CVE-2015-7077 | 1 Apple | 1 Mac Os X | 2017-09-12 | 7.2 HIGH | N/A |
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors. | |||||
CVE-2015-7076 | 1 Apple | 1 Mac Os X | 2017-09-12 | 7.2 HIGH | N/A |
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. | |||||
CVE-2015-7071 | 1 Apple | 1 Mac Os X | 2017-09-12 | 10.0 HIGH | N/A |
The File Bookmark component in Apple OS X before 10.11.2 allows attackers to bypass a sandbox protection mechanism for app scoped bookmarks via a crafted pathname. | |||||
CVE-2015-7067 | 1 Apple | 1 Mac Os X | 2017-09-12 | 2.1 LOW | N/A |
IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to cause a denial of service (NULL pointer dereference) via an unspecified userclient type. | |||||
CVE-2015-7063 | 1 Apple | 1 Mac Os X | 2017-09-12 | 7.2 HIGH | N/A |
The kernel loader in EFI in Apple OS X before 10.11.2 allows local users to gain privileges via a crafted pathname. | |||||
CVE-2015-7062 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-12 | 4.6 MEDIUM | N/A |
Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors. | |||||
CVE-2015-7052 | 1 Apple | 1 Mac Os X | 2017-09-12 | 7.2 HIGH | N/A |
kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors. | |||||
CVE-2015-7044 | 1 Apple | 1 Mac Os X | 2017-09-12 | 7.6 HIGH | N/A |
The System Integrity Protection feature in Apple OS X before 10.11.2 mishandles union mounts, which allows attackers to execute arbitrary code in a privileged context via a crafted app with root privileges. |