OS X

CVEs (377)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2015-6989	Apple Inc. Mac Os X	—	0.01	Oct 23, 2015	Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls.
CVE-2015-6978	Apple Inc. Mac Os X	—	0.05	Oct 23, 2015	FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991,…
CVE-2015-5942	Apple Inc. Mac Os X	—	0.02	Oct 23, 2015	FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927.
CVE-2015-5940	Apple Inc. Mac Os X	—	0.02	Oct 23, 2015	The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted…
CVE-2015-5932	Apple Inc. Mac Os X	—	0.01	Oct 23, 2015	The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing.
CVE-2015-5926	Apple Inc. Mac Os X	—	0.02	Oct 23, 2015	The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5925.
CVE-2015-5925	Apple Inc. Mac Os X	—	0.02	Oct 23, 2015	The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5926.
CVE-2015-5924	Apple Inc. Mac Os X	—	0.02	Oct 23, 2015	The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2015-6975	Apple Inc. Mac Os X	—	0.02	Oct 23, 2015	CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6992 and CVE-2015-7017.
CVE-2015-5915	Apple Inc. Mac Os X	—	0.00	Oct 9, 2015	Apple OS X before 10.11 does not ensure that the keychain's lock state is displayed correctly, which has unspecified impact and attack vectors.
CVE-2015-5878	Apple Inc. Mac Os X	—	0.00	Oct 9, 2015	Notes in Apple OS X before 10.11 misparses links, which allows local users to obtain sensitive information via unspecified vectors.
CVE-2015-5853	Apple Inc. Mac Os X	—	0.00	Oct 9, 2015	AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet payload data via unspecified vectors.
CVE-2015-5783	Apple Inc. Mac Os X	—	0.01	Aug 17, 2015	IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3770.
CVE-2015-5782	Apple Inc. Mac Os X	—	0.01	Aug 17, 2015	ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.
CVE-2015-5781	Apple Inc. Mac Os X	—	0.01	Aug 17, 2015	ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image.
CVE-2015-5778	Apple Inc. Mac Os X	—	0.02	Aug 17, 2015	CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5777.
CVE-2015-5777	Apple Inc. Mac Os X	—	0.02	Aug 17, 2015	CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5778.
CVE-2015-5776	Apple Inc. Mac Os X	—	0.03	Aug 17, 2015	Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.
CVE-2015-5775	Apple Inc. Mac Os X	—	0.02	Aug 17, 2015	FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.
CVE-2015-5774	Apple Inc. Mac Os X	—	0.00	Aug 17, 2015	Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.

CVE-2015-6989Oct 23, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls.
CVE-2015-6978Oct 23, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.05
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991,…
CVE-2015-5942Oct 23, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.02
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927.
CVE-2015-5940Oct 23, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.02
The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted…
CVE-2015-5932Oct 23, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing.
CVE-2015-5926Oct 23, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.02
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5925.
CVE-2015-5925Oct 23, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.02
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5926.
CVE-2015-5924Oct 23, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.02
The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2015-6975Oct 23, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.02
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6992 and CVE-2015-7017.
CVE-2015-5915Oct 9, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
Apple OS X before 10.11 does not ensure that the keychain's lock state is displayed correctly, which has unspecified impact and attack vectors.
CVE-2015-5878Oct 9, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
Notes in Apple OS X before 10.11 misparses links, which allows local users to obtain sensitive information via unspecified vectors.
CVE-2015-5853Oct 9, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet payload data via unspecified vectors.
CVE-2015-5783Aug 17, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3770.
CVE-2015-5782Aug 17, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.
CVE-2015-5781Aug 17, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image.
CVE-2015-5778Aug 17, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.02
CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5777.
CVE-2015-5777Aug 17, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.02
CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5778.
CVE-2015-5776Aug 17, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.03
Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.
CVE-2015-5775Aug 17, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.02
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.
CVE-2015-5774Aug 17, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.

Page 11 of 19