Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apple Subscribe
Total 10175 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-5786 1 Apple 1 Quicktime 2016-12-23 6.8 MEDIUM N/A
Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-5785.
CVE-2015-5761 1 Apple 3 Iphone Os, Itunes, Mac Os X 2016-12-23 6.8 MEDIUM N/A
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.
CVE-2015-5770 1 Apple 1 Iphone Os 2016-12-23 5.8 MEDIUM N/A
MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows attackers to replace arbitrary extensions via a crafted enterprise app.
CVE-2015-5757 1 Apple 2 Iphone Os, Mac Os X 2016-12-23 9.3 HIGH N/A
libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a crafted syscall to interfere with locking.
CVE-2014-3580 4 Apache, Apple, Debian and 1 more 8 Subversion, Xcode, Debian Linux and 5 more 2016-12-23 5.0 MEDIUM N/A
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
CVE-2015-5752 1 Apple 1 Iphone Os 2016-12-23 5.0 MEDIUM N/A
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.
CVE-2015-5925 1 Apple 3 Iphone Os, Mac Os X, Watchos 2016-12-23 6.8 MEDIUM N/A
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5926.
CVE-2015-5927 1 Apple 3 Iphone Os, Mac Os X, Watchos 2016-12-23 6.8 MEDIUM N/A
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5942.
CVE-2015-5930 1 Apple 3 Iphone Os, Itunes, Safari 2016-12-23 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
CVE-2015-7010 1 Apple 2 Iphone Os, Mac Os X 2016-12-23 6.8 MEDIUM N/A
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, and CVE-2015-7018.
CVE-2015-5928 1 Apple 3 Iphone Os, Itunes, Safari 2016-12-23 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
CVE-2015-5929 1 Apple 3 Iphone Os, Itunes, Safari 2016-12-23 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
CVE-2015-5926 1 Apple 3 Iphone Os, Mac Os X, Watchos 2016-12-23 6.8 MEDIUM N/A
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5925.
CVE-2015-6988 1 Apple 2 Iphone Os, Mac Os X 2016-12-23 10.0 HIGH N/A
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement.
CVE-2015-6993 1 Apple 2 Iphone Os, Mac Os X 2016-12-23 6.8 MEDIUM N/A
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018.
CVE-2015-6995 1 Apple 2 Iphone Os, Mac Os X 2016-12-23 6.8 MEDIUM N/A
The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
CVE-2015-6979 1 Apple 2 Iphone Os, Watchos 2016-12-23 9.3 HIGH N/A
GasGauge in Apple iOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2015-5889 1 Apple 1 Mac Os X 2016-12-23 7.2 HIGH N/A
rsh in the remote_cmds component in Apple OS X before 10.11 allows local users to obtain root privileges via vectors involving environment variables.
CVE-2015-6982 1 Apple 1 Iphone Os 2016-12-23 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1.
CVE-2015-5935 1 Apple 3 Iphone Os, Mac Os X, Watchos 2016-12-23 6.8 MEDIUM N/A
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5936, CVE-2015-5937, and CVE-2015-5939.