Filtered by vendor Apple
Subscribe
Total
10175 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-3795 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-23 | 9.3 HIGH | N/A |
libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message. | |||||
CVE-2015-3797 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-23 | 7.5 HIGH | N/A |
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3798. | |||||
CVE-2015-3798 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-23 | 7.5 HIGH | N/A |
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3797. | |||||
CVE-2015-3800 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-23 | 7.2 HIGH | N/A |
The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image. | |||||
CVE-2015-3802 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-23 | 7.2 HIGH | N/A |
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805. | |||||
CVE-2015-3803 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-23 | 7.2 HIGH | N/A |
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file. | |||||
CVE-2015-3805 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-23 | 7.2 HIGH | N/A |
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802. | |||||
CVE-2015-3806 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-23 | 7.2 HIGH | N/A |
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file. | |||||
CVE-2015-6986 | 1 Apple | 1 Iphone Os | 2016-12-23 | 9.3 HIGH | N/A |
com.apple.driver.AppleVXD393 in the Graphics Driver subsystem in Apple iOS before 9.1 allows attackers to execute arbitrary code via a crafted app that leverages an unspecified "type confusion." | |||||
CVE-2015-6994 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-23 | 7.1 HIGH | N/A |
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app. | |||||
CVE-2015-7014 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2016-12-23 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. | |||||
CVE-2015-5749 | 1 Apple | 1 Iphone Os | 2016-12-23 | 4.3 MEDIUM | N/A |
The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app. | |||||
CVE-2015-7017 | 1 Apple | 3 Iphone Os, Itunes, Mac Os X | 2016-12-23 | 7.5 HIGH | N/A |
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992. | |||||
CVE-2015-5759 | 1 Apple | 1 Iphone Os | 2016-12-23 | 5.0 MEDIUM | N/A |
WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clicks via a crafted web site that leverages tap events. | |||||
CVE-2015-7015 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2016-12-23 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client. | |||||
CVE-2015-7035 | 1 Apple | 1 Mac Os X | 2016-12-23 | 7.5 HIGH | N/A |
Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors. | |||||
CVE-2015-5782 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-23 | 4.3 MEDIUM | N/A |
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image. | |||||
CVE-2015-5936 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2016-12-23 | 6.8 MEDIUM | N/A |
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5937, and CVE-2015-5939. | |||||
CVE-2015-5937 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2016-12-23 | 6.8 MEDIUM | N/A |
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and CVE-2015-5939. | |||||
CVE-2015-5939 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2016-12-23 | 6.8 MEDIUM | N/A |
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and CVE-2015-5937. |