Filtered by vendor Apple
Subscribe
Total
10175 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-7803 | 2 Apple, Php | 2 Mac Os X, Php | 2016-12-07 | 6.8 MEDIUM | N/A |
The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist. | |||||
CVE-2015-7804 | 2 Apple, Php | 2 Mac Os X, Php | 2016-12-07 | 6.8 MEDIUM | N/A |
Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive. | |||||
CVE-2015-7192 | 2 Apple, Mozilla | 2 Mac Os X, Firefox | 2016-12-07 | 7.5 HIGH | N/A |
The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X improperly interacts with the implementation of the TABLE element, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using an NSAccessibilityIndexAttribute value to reference a row index. | |||||
CVE-2015-7090 | 1 Apple | 1 Quicktime | 2016-12-07 | 6.8 MEDIUM | 6.6 MEDIUM |
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | |||||
CVE-2015-7037 | 1 Apple | 1 Iphone Os | 2016-12-07 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Mobile Backup in Photos in Apple iOS before 9.2 allows attackers to read arbitrary files via a crafted pathname. | |||||
CVE-2015-7070 | 1 Apple | 1 Iphone Os | 2016-12-07 | 9.3 HIGH | N/A |
Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability than CVE-2015-7069. | |||||
CVE-2015-7056 | 1 Apple | 1 Xcode | 2016-12-07 | 5.0 MEDIUM | N/A |
IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern. | |||||
CVE-2015-7069 | 1 Apple | 1 Iphone Os | 2016-12-07 | 9.3 HIGH | N/A |
Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability than CVE-2015-7070. | |||||
CVE-2015-7092 | 1 Apple | 1 Quicktime | 2016-12-07 | 6.8 MEDIUM | 6.6 MEDIUM |
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted TXXX frame within an ID3 tag in MP3 data in a movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7117. | |||||
CVE-2015-7089 | 1 Apple | 1 Quicktime | 2016-12-07 | 6.8 MEDIUM | 6.6 MEDIUM |
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | |||||
CVE-2015-7049 | 1 Apple | 1 Xcode | 2016-12-07 | 4.6 MEDIUM | N/A |
otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057. | |||||
CVE-2015-7117 | 1 Apple | 1 Quicktime | 2016-12-07 | 6.8 MEDIUM | 6.6 MEDIUM |
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7092. | |||||
CVE-2015-7091 | 1 Apple | 1 Quicktime | 2016-12-07 | 6.8 MEDIUM | 6.6 MEDIUM |
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7092, and CVE-2015-7117. | |||||
CVE-2015-7093 | 1 Apple | 1 Safari | 2016-12-07 | 4.3 MEDIUM | N/A |
Safari in Apple iOS before 9.2 allows remote attackers to spoof a URL in the user interface via a crafted web site. | |||||
CVE-2015-7080 | 1 Apple | 1 Iphone Os | 2016-12-07 | 2.1 LOW | N/A |
Siri in Apple iOS before 9.2 allows physically proximate attackers to bypass an intended client-side protection mechanism and obtain sensitive content-notification information by listening to a device in the lock-screen state. | |||||
CVE-2015-7082 | 2 Apple, Git Project | 2 Xcode, Git | 2016-12-07 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases. | |||||
CVE-2015-7113 | 1 Apple | 2 Iphone Os, Watchos | 2016-12-07 | 10.0 HIGH | N/A |
The LaunchServices component in Apple iOS before 9.2 and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a malformed plist. | |||||
CVE-2015-7085 | 1 Apple | 1 Quicktime | 2016-12-07 | 6.8 MEDIUM | 6.6 MEDIUM |
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | |||||
CVE-2015-7088 | 1 Apple | 1 Quicktime | 2016-12-07 | 6.8 MEDIUM | 6.6 MEDIUM |
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | |||||
CVE-2015-7086 | 1 Apple | 1 Quicktime | 2016-12-07 | 6.8 MEDIUM | 6.6 MEDIUM |
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. |