VYPR

Vendor CVEs

Apple Inc.

All CVEs

8,449 total · sorted by risk
  • CVE-2015-7010Oct 23, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…

  • CVE-2015-7009Oct 23, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…

  • CVE-2015-7008Oct 23, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…

  • CVE-2015-7006Oct 23, 2015
    risk 0.00cvss epss 0.04

    Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.

  • CVE-2015-7003Oct 23, 2015
    risk 0.00cvss epss 0.02

    coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize an unspecified data structure, which allows attackers to execute arbitrary code via a crafted app.

  • CVE-2015-7002Oct 23, 2015
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…

  • CVE-2015-6994Oct 23, 2015
    risk 0.00cvss epss 0.02

    The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app.

  • CVE-2015-6993Oct 23, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…

  • CVE-2015-6991Oct 23, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…

  • CVE-2015-6990Oct 23, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6991,…

  • CVE-2015-6989Oct 23, 2015
    risk 0.00cvss epss 0.02

    Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls.

  • CVE-2015-6988Oct 23, 2015
    risk 0.00cvss epss 0.06

    The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement.

  • CVE-2015-6987Oct 23, 2015
    risk 0.00cvss epss 0.00

    The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of service (application crash) via crafted bookmark metadata in a folder.

  • CVE-2015-6985Oct 23, 2015
    risk 0.00cvss epss 0.02

    Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web page.

  • CVE-2015-6984Oct 23, 2015
    risk 0.00cvss epss 0.01

    libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack.

  • CVE-2015-6983Oct 23, 2015
    risk 0.00cvss epss 0.02

    Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors.

  • CVE-2015-6978Oct 23, 2015
    risk 0.00cvss epss 0.05

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991,…

  • CVE-2015-6977Oct 23, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,…

  • CVE-2015-6976Oct 23, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,…

  • CVE-2015-6974Oct 23, 2015
    risk 0.00cvss epss 0.03

    IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2015-5945Oct 23, 2015
    risk 0.00cvss epss 0.00

    The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters.

  • CVE-2015-5944Oct 23, 2015
    risk 0.00cvss epss 0.03

    CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

  • CVE-2015-5943Oct 23, 2015
    risk 0.00cvss epss 0.01

    SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic clicks from reaching keychain windows, which allows attackers to bypass intended access restrictions via a crafted app.

  • CVE-2015-5942Oct 23, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927.

  • CVE-2015-5940Oct 23, 2015
    risk 0.00cvss epss 0.02

    The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted…

  • CVE-2015-5939Oct 23, 2015
    risk 0.00cvss epss 0.03

    ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and…

  • CVE-2015-5938Oct 23, 2015
    risk 0.00cvss epss 0.02

    ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image.

  • CVE-2015-5937Oct 23, 2015
    risk 0.00cvss epss 0.03

    ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and…

  • CVE-2015-5936Oct 23, 2015
    risk 0.00cvss epss 0.03

    ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5937, and…

  • CVE-2015-5935Oct 23, 2015
    risk 0.00cvss epss 0.03

    ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5936, CVE-2015-5937, and…

  • CVE-2015-5934Oct 23, 2015
    risk 0.00cvss epss 0.02

    Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5933.

  • CVE-2015-5933Oct 23, 2015
    risk 0.00cvss epss 0.02

    Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5934.

  • CVE-2015-5932Oct 23, 2015
    risk 0.00cvss epss 0.01

    The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing.

  • CVE-2015-5931Oct 23, 2015
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2015-5930Oct 23, 2015
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…

  • CVE-2015-5929Oct 23, 2015
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…

  • CVE-2015-5928Oct 23, 2015
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…

  • CVE-2015-5927Oct 23, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5942.

  • CVE-2015-5926Oct 23, 2015
    risk 0.00cvss epss 0.02

    The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5925.

  • CVE-2015-5925Oct 23, 2015
    risk 0.00cvss epss 0.02

    The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5926.

  • CVE-2015-5924Oct 23, 2015
    risk 0.00cvss epss 0.02

    The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

  • CVE-2015-7035Oct 23, 2015
    risk 0.00cvss epss 0.02

    Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors.

  • CVE-2015-7031Oct 23, 2015
    risk 0.00cvss epss 0.02

    The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP header configuration, which allows remote attackers to bypass intended access restrictions via unknown vectors.

  • CVE-2015-7030Oct 23, 2015
    risk 0.00cvss epss 0.02

    The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors.

  • CVE-2015-7022Oct 23, 2015
    risk 0.00cvss epss 0.01

    The Telephony subsystem in Apple iOS before 9.1 allows attackers to obtain sensitive call-status information via a crafted app.

  • CVE-2015-7017Oct 23, 2015
    risk 0.00cvss epss 0.04

    CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992.

  • CVE-2015-7005Oct 23, 2015
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1.

  • CVE-2015-7004Oct 23, 2015
    risk 0.00cvss epss 0.02

    The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a crafted app.

  • CVE-2015-7000Oct 23, 2015
    risk 0.00cvss epss 0.00

    Notification Center in Apple iOS before 9.1 mishandles changes to "Show on Lock Screen" settings, which allows physically proximate attackers to obtain sensitive information by looking for a (1) Phone or (2) Messages notification on the lock screen soon after a setting was…

  • CVE-2015-6999Oct 23, 2015
    risk 0.00cvss epss 0.01

    The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate.

Page 116 of 169