VYPR

OS X

by Apple Inc.

CVEs (533)

  • CVE-2015-3777Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages.

  • CVE-2015-3776Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist.

  • CVE-2015-3775Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    Apple OS X before 10.10.5 does not properly implement authentication, which allows local users to obtain admin privileges via unspecified vectors.

  • CVE-2015-3774Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream.

  • CVE-2015-3773Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.02

    The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

  • CVE-2015-3772Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771.

  • CVE-2015-3771Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3772.

  • CVE-2015-3770Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.02

    IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783.

  • CVE-2015-3769Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3771 and CVE-2015-3772.

  • CVE-2015-3768Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls.

  • CVE-2015-3767Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.

  • CVE-2015-3766Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app.

  • CVE-2015-3764Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    Notification Center in Apple OS X before 10.10.5 does not properly remove dismissed notifications, which allows attackers to read arbitrary notifications via a crafted app.

  • CVE-2015-3762Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    The Text Formats component in Apple OS X before 10.10.5, as used in TextEdit, allows remote attackers to read arbitrary files via a text file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

  • CVE-2015-3761Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors.

  • CVE-2015-3757Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane.

  • CVE-2013-7422Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid…

  • CVE-2015-3721Jul 3, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.

  • CVE-2015-3720Jul 3, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app.

  • CVE-2015-3719Jul 3, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.

Page 18 of 27