Mac OS X
by Apple Inc.
CVEs (2,090)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-6987 | 0.00 | — | 0.00 | Oct 23, 2015 | The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of service (application crash) via crafted bookmark metadata in a folder. | |||
| CVE-2015-6985 | 0.00 | — | 0.02 | Oct 23, 2015 | Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web page. | |||
| CVE-2015-6984 | 0.00 | — | 0.01 | Oct 23, 2015 | libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack. | |||
| CVE-2015-6983 | 0.00 | — | 0.02 | Oct 23, 2015 | Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors. | |||
| CVE-2015-6978 | 0.00 | — | 0.05 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991,… | |||
| CVE-2015-6977 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,… | |||
| CVE-2015-6976 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,… | |||
| CVE-2015-6974 | 0.00 | — | 0.03 | Oct 23, 2015 | IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||
| CVE-2015-5945 | 0.00 | — | 0.00 | Oct 23, 2015 | The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters. | |||
| CVE-2015-5944 | 0.00 | — | 0.03 | Oct 23, 2015 | CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. | |||
| CVE-2015-5943 | 0.00 | — | 0.01 | Oct 23, 2015 | SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic clicks from reaching keychain windows, which allows attackers to bypass intended access restrictions via a crafted app. | |||
| CVE-2015-5942 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927. | |||
| CVE-2015-5940 | 0.00 | — | 0.02 | Oct 23, 2015 | The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted… | |||
| CVE-2015-5939 | 0.00 | — | 0.03 | Oct 23, 2015 | ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and… | |||
| CVE-2015-5938 | 0.00 | — | 0.02 | Oct 23, 2015 | ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image. | |||
| CVE-2015-5937 | 0.00 | — | 0.03 | Oct 23, 2015 | ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and… | |||
| CVE-2015-5936 | 0.00 | — | 0.03 | Oct 23, 2015 | ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5937, and… | |||
| CVE-2015-5935 | 0.00 | — | 0.03 | Oct 23, 2015 | ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5936, CVE-2015-5937, and… | |||
| CVE-2015-5934 | 0.00 | — | 0.02 | Oct 23, 2015 | Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5933. | |||
| CVE-2015-5933 | 0.00 | — | 0.02 | Oct 23, 2015 | Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5934. |
- CVE-2015-6987Oct 23, 2015risk 0.00cvss —epss 0.00
The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of service (application crash) via crafted bookmark metadata in a folder.
- CVE-2015-6985Oct 23, 2015risk 0.00cvss —epss 0.02
Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web page.
- CVE-2015-6984Oct 23, 2015risk 0.00cvss —epss 0.01
libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack.
- CVE-2015-6983Oct 23, 2015risk 0.00cvss —epss 0.02
Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors.
- CVE-2015-6978Oct 23, 2015risk 0.00cvss —epss 0.05
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991,…
- CVE-2015-6977Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,…
- CVE-2015-6976Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,…
- CVE-2015-6974Oct 23, 2015risk 0.00cvss —epss 0.03
IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
- CVE-2015-5945Oct 23, 2015risk 0.00cvss —epss 0.00
The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters.
- CVE-2015-5944Oct 23, 2015risk 0.00cvss —epss 0.03
CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
- CVE-2015-5943Oct 23, 2015risk 0.00cvss —epss 0.01
SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic clicks from reaching keychain windows, which allows attackers to bypass intended access restrictions via a crafted app.
- CVE-2015-5942Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927.
- CVE-2015-5940Oct 23, 2015risk 0.00cvss —epss 0.02
The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted…
- CVE-2015-5939Oct 23, 2015risk 0.00cvss —epss 0.03
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and…
- CVE-2015-5938Oct 23, 2015risk 0.00cvss —epss 0.02
ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image.
- CVE-2015-5937Oct 23, 2015risk 0.00cvss —epss 0.03
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and…
- CVE-2015-5936Oct 23, 2015risk 0.00cvss —epss 0.03
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5937, and…
- CVE-2015-5935Oct 23, 2015risk 0.00cvss —epss 0.03
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5936, CVE-2015-5937, and…
- CVE-2015-5934Oct 23, 2015risk 0.00cvss —epss 0.02
Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5933.
- CVE-2015-5933Oct 23, 2015risk 0.00cvss —epss 0.02
Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5934.
Page 46 of 105