VYPR

Mac OS X

by Apple Inc.

CVEs (2,090)

  • CVE-2015-5932Oct 23, 2015
    risk 0.00cvss epss 0.01

    The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing.

  • CVE-2015-5927Oct 23, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5942.

  • CVE-2015-5926Oct 23, 2015
    risk 0.00cvss epss 0.02

    The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5925.

  • CVE-2015-5925Oct 23, 2015
    risk 0.00cvss epss 0.02

    The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5926.

  • CVE-2015-5924Oct 23, 2015
    risk 0.00cvss epss 0.02

    The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

  • CVE-2015-7035Oct 23, 2015
    risk 0.00cvss epss 0.02

    Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors.

  • CVE-2015-7017Oct 23, 2015
    risk 0.00cvss epss 0.04

    CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992.

  • CVE-2015-6992Oct 23, 2015
    risk 0.00cvss epss 0.04

    CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-7017.

  • CVE-2015-6975Oct 23, 2015
    risk 0.00cvss epss 0.04

    CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6992 and CVE-2015-7017.

  • CVE-2015-7761Oct 9, 2015
    risk 0.00cvss epss 0.01

    Mail in Apple OS X before 10.11 does not properly recognize user preferences, which allows attackers to obtain sensitive information via an unspecified action during the printing of an e-mail message, a different vulnerability than CVE-2015-7760.

  • CVE-2015-7760Oct 9, 2015
    risk 0.00cvss epss 0.02

    libxpc in launchd in Apple OS X before 10.11 does not restrict the creation of processes for network connections, which allows remote attackers to cause a denial of service (resource consumption) by repeatedly connecting to the SSH port, a different vulnerability than…

  • CVE-2015-5922Oct 9, 2015
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in International Components for Unicode (ICU) before 53.1.0, as used in Apple OS X before 10.11 and watchOS before 2, has unknown impact and attack vectors.

  • CVE-2015-5915Oct 9, 2015
    risk 0.00cvss epss 0.01

    Apple OS X before 10.11 does not ensure that the keychain's lock state is displayed correctly, which has unspecified impact and attack vectors.

  • CVE-2015-5914Oct 9, 2015
    risk 0.00cvss epss 0.00

    The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a "Thunderstrike" issue. NOTE: this issue exists…

  • CVE-2015-5913Oct 9, 2015
    risk 0.00cvss epss 0.02

    Heimdal, as used in Apple OS X before 10.11, allows remote attackers to conduct replay attacks against the SMB server via packet data that represents a Kerberos authenticated request.

  • CVE-2015-5902Oct 9, 2015
    risk 0.00cvss epss 0.00

    The debugging feature in the kernel in Apple OS X before 10.11 mismanages state, which allows local users to cause a denial of service via unspecified vectors.

  • CVE-2015-5901Oct 9, 2015
    risk 0.00cvss epss 0.00

    The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash files, which might allow local users to obtain sensitive information by reading storage media, as demonstrated by reading a flash drive.

  • CVE-2015-5900Oct 9, 2015
    risk 0.00cvss epss 0.02

    The protected range register in the EFI component in Apple OS X before 10.11 has an incorrect value, which allows attackers to cause a denial of service (boot failure) via a crafted app that writes to an unintended address.

  • CVE-2015-5897Oct 9, 2015
    risk 0.00cvss epss 0.00

    The Address Book framework in Apple OS X before 10.11 allows local users to gain privileges by using an environment variable to inject code into processes that rely on this framework.

  • CVE-2015-5894Oct 9, 2015
    risk 0.00cvss epss 0.01

    The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access…

Page 47 of 105