VYPR

Mac OS X

by Apple Inc.

CVEs (2,090)

  • CVE-2015-5841Sep 18, 2015
    risk 0.00cvss epss 0.02

    The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header within a response to an HTTP CONNECT request, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response.

  • CVE-2015-5840Sep 18, 2015
    risk 0.00cvss epss 0.02

    The checkint division routines in removefile in Apple iOS before 9 allow attackers to cause a denial of service (overflow fault and app crash) via crafted data.

  • CVE-2015-5839Sep 18, 2015
    risk 0.00cvss epss 0.02

    dyld in Apple iOS before 9 allows attackers to bypass a code-signing protection mechanism via an app that places a crafted signature in an executable file.

  • CVE-2015-5831Sep 18, 2015
    risk 0.00cvss epss 0.02

    NetworkExtension in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows attackers to obtain sensitive memory-layout information via a crafted app.

  • CVE-2015-5824Sep 18, 2015
    risk 0.00cvss epss 0.00

    The NSURL implementation in the CFNetwork SSL component in Apple iOS before 9 does not properly verify X.509 certificates from SSL servers after a certificate change, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted…

  • CVE-2014-8611Sep 18, 2015
    risk 0.00cvss epss 0.00

    The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via…

  • CVE-2015-5783Aug 17, 2015
    risk 0.00cvss epss 0.03

    IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3770.

  • CVE-2015-5782Aug 17, 2015
    risk 0.00cvss epss 0.02

    ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.

  • CVE-2015-5781Aug 17, 2015
    risk 0.00cvss epss 0.02

    ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image.

  • CVE-2015-5778Aug 17, 2015
    risk 0.00cvss epss 0.03

    CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5777.

  • CVE-2015-5777Aug 17, 2015
    risk 0.00cvss epss 0.03

    CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5778.

  • CVE-2015-5776Aug 17, 2015
    risk 0.00cvss epss 0.04

    Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.

  • CVE-2015-5775Aug 17, 2015
    risk 0.00cvss epss 0.04

    FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.

  • CVE-2015-5774Aug 17, 2015
    risk 0.00cvss epss 0.00

    Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.

  • CVE-2015-5773Aug 17, 2015
    risk 0.00cvss epss 0.03

    QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted office document.

  • CVE-2015-5772Aug 17, 2015
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code via a crafted Collada file.

  • CVE-2015-5771Aug 17, 2015
    risk 0.00cvss epss 0.03

    Quartz Composer Framework in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted QuickTime file.

  • CVE-2015-5768Aug 17, 2015
    risk 0.00cvss epss 0.01

    AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

  • CVE-2015-5763Aug 17, 2015
    risk 0.00cvss epss 0.00

    ntfs in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2015-5761Aug 17, 2015
    risk 0.00cvss epss 0.03

    CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.

Page 50 of 105