Vendor CVEs
Apple Inc.
All CVEs
8,449 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-7010 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,… | |||
| CVE-2015-7009 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,… | |||
| CVE-2015-7008 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,… | |||
| CVE-2015-7006 | 0.00 | — | 0.04 | Oct 23, 2015 | Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive. | |||
| CVE-2015-7003 | 0.00 | — | 0.02 | Oct 23, 2015 | coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize an unspecified data structure, which allows attackers to execute arbitrary code via a crafted app. | |||
| CVE-2015-7002 | 0.00 | — | 0.03 | Oct 23, 2015 | WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit… | |||
| CVE-2015-6994 | 0.00 | — | 0.02 | Oct 23, 2015 | The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app. | |||
| CVE-2015-6993 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,… | |||
| CVE-2015-6991 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,… | |||
| CVE-2015-6990 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6991,… | |||
| CVE-2015-6989 | 0.00 | — | 0.02 | Oct 23, 2015 | Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls. | |||
| CVE-2015-6988 | 0.00 | — | 0.06 | Oct 23, 2015 | The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement. | |||
| CVE-2015-6987 | 0.00 | — | 0.00 | Oct 23, 2015 | The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of service (application crash) via crafted bookmark metadata in a folder. | |||
| CVE-2015-6985 | 0.00 | — | 0.02 | Oct 23, 2015 | Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web page. | |||
| CVE-2015-6984 | 0.00 | — | 0.01 | Oct 23, 2015 | libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack. | |||
| CVE-2015-6983 | 0.00 | — | 0.02 | Oct 23, 2015 | Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors. | |||
| CVE-2015-6978 | 0.00 | — | 0.05 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991,… | |||
| CVE-2015-6977 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,… | |||
| CVE-2015-6976 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,… | |||
| CVE-2015-6974 | 0.00 | — | 0.03 | Oct 23, 2015 | IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||
| CVE-2015-5945 | 0.00 | — | 0.00 | Oct 23, 2015 | The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters. | |||
| CVE-2015-5944 | 0.00 | — | 0.03 | Oct 23, 2015 | CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. | |||
| CVE-2015-5943 | 0.00 | — | 0.01 | Oct 23, 2015 | SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic clicks from reaching keychain windows, which allows attackers to bypass intended access restrictions via a crafted app. | |||
| CVE-2015-5942 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927. | |||
| CVE-2015-5940 | 0.00 | — | 0.02 | Oct 23, 2015 | The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted… | |||
| CVE-2015-5939 | 0.00 | — | 0.03 | Oct 23, 2015 | ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and… | |||
| CVE-2015-5938 | 0.00 | — | 0.02 | Oct 23, 2015 | ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image. | |||
| CVE-2015-5937 | 0.00 | — | 0.03 | Oct 23, 2015 | ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and… | |||
| CVE-2015-5936 | 0.00 | — | 0.03 | Oct 23, 2015 | ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5937, and… | |||
| CVE-2015-5935 | 0.00 | — | 0.03 | Oct 23, 2015 | ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5936, CVE-2015-5937, and… | |||
| CVE-2015-5934 | 0.00 | — | 0.02 | Oct 23, 2015 | Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5933. | |||
| CVE-2015-5933 | 0.00 | — | 0.02 | Oct 23, 2015 | Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5934. | |||
| CVE-2015-5932 | 0.00 | — | 0.01 | Oct 23, 2015 | The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing. | |||
| CVE-2015-5931 | 0.00 | — | 0.02 | Oct 23, 2015 | WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in… | |||
| CVE-2015-5930 | 0.00 | — | 0.03 | Oct 23, 2015 | WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit… | |||
| CVE-2015-5929 | 0.00 | — | 0.03 | Oct 23, 2015 | WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit… | |||
| CVE-2015-5928 | 0.00 | — | 0.03 | Oct 23, 2015 | WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit… | |||
| CVE-2015-5927 | 0.00 | — | 0.03 | Oct 23, 2015 | FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5942. | |||
| CVE-2015-5926 | 0.00 | — | 0.02 | Oct 23, 2015 | The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5925. | |||
| CVE-2015-5925 | 0.00 | — | 0.02 | Oct 23, 2015 | The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5926. | |||
| CVE-2015-5924 | 0.00 | — | 0.02 | Oct 23, 2015 | The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | |||
| CVE-2015-7035 | 0.00 | — | 0.02 | Oct 23, 2015 | Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors. | |||
| CVE-2015-7031 | 0.00 | — | 0.02 | Oct 23, 2015 | The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP header configuration, which allows remote attackers to bypass intended access restrictions via unknown vectors. | |||
| CVE-2015-7030 | 0.00 | — | 0.02 | Oct 23, 2015 | The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors. | |||
| CVE-2015-7022 | 0.00 | — | 0.01 | Oct 23, 2015 | The Telephony subsystem in Apple iOS before 9.1 allows attackers to obtain sensitive call-status information via a crafted app. | |||
| CVE-2015-7017 | 0.00 | — | 0.04 | Oct 23, 2015 | CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992. | |||
| CVE-2015-7005 | 0.00 | — | 0.02 | Oct 23, 2015 | WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1. | |||
| CVE-2015-7004 | 0.00 | — | 0.02 | Oct 23, 2015 | The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a crafted app. | |||
| CVE-2015-7000 | 0.00 | — | 0.00 | Oct 23, 2015 | Notification Center in Apple iOS before 9.1 mishandles changes to "Show on Lock Screen" settings, which allows physically proximate attackers to obtain sensitive information by looking for a (1) Phone or (2) Messages notification on the lock screen soon after a setting was… | |||
| CVE-2015-6999 | 0.00 | — | 0.01 | Oct 23, 2015 | The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate. |
- CVE-2015-7010Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
- CVE-2015-7009Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
- CVE-2015-7008Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
- CVE-2015-7006Oct 23, 2015risk 0.00cvss —epss 0.04
Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.
- CVE-2015-7003Oct 23, 2015risk 0.00cvss —epss 0.02
coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize an unspecified data structure, which allows attackers to execute arbitrary code via a crafted app.
- CVE-2015-7002Oct 23, 2015risk 0.00cvss —epss 0.03
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…
- CVE-2015-6994Oct 23, 2015risk 0.00cvss —epss 0.02
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app.
- CVE-2015-6993Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
- CVE-2015-6991Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
- CVE-2015-6990Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6991,…
- CVE-2015-6989Oct 23, 2015risk 0.00cvss —epss 0.02
Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls.
- CVE-2015-6988Oct 23, 2015risk 0.00cvss —epss 0.06
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement.
- CVE-2015-6987Oct 23, 2015risk 0.00cvss —epss 0.00
The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of service (application crash) via crafted bookmark metadata in a folder.
- CVE-2015-6985Oct 23, 2015risk 0.00cvss —epss 0.02
Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web page.
- CVE-2015-6984Oct 23, 2015risk 0.00cvss —epss 0.01
libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack.
- CVE-2015-6983Oct 23, 2015risk 0.00cvss —epss 0.02
Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors.
- CVE-2015-6978Oct 23, 2015risk 0.00cvss —epss 0.05
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991,…
- CVE-2015-6977Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,…
- CVE-2015-6976Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,…
- CVE-2015-6974Oct 23, 2015risk 0.00cvss —epss 0.03
IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
- CVE-2015-5945Oct 23, 2015risk 0.00cvss —epss 0.00
The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters.
- CVE-2015-5944Oct 23, 2015risk 0.00cvss —epss 0.03
CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
- CVE-2015-5943Oct 23, 2015risk 0.00cvss —epss 0.01
SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic clicks from reaching keychain windows, which allows attackers to bypass intended access restrictions via a crafted app.
- CVE-2015-5942Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927.
- CVE-2015-5940Oct 23, 2015risk 0.00cvss —epss 0.02
The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted…
- CVE-2015-5939Oct 23, 2015risk 0.00cvss —epss 0.03
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and…
- CVE-2015-5938Oct 23, 2015risk 0.00cvss —epss 0.02
ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image.
- CVE-2015-5937Oct 23, 2015risk 0.00cvss —epss 0.03
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and…
- CVE-2015-5936Oct 23, 2015risk 0.00cvss —epss 0.03
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5937, and…
- CVE-2015-5935Oct 23, 2015risk 0.00cvss —epss 0.03
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5936, CVE-2015-5937, and…
- CVE-2015-5934Oct 23, 2015risk 0.00cvss —epss 0.02
Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5933.
- CVE-2015-5933Oct 23, 2015risk 0.00cvss —epss 0.02
Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5934.
- CVE-2015-5932Oct 23, 2015risk 0.00cvss —epss 0.01
The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing.
- CVE-2015-5931Oct 23, 2015risk 0.00cvss —epss 0.02
WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
- CVE-2015-5930Oct 23, 2015risk 0.00cvss —epss 0.03
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…
- CVE-2015-5929Oct 23, 2015risk 0.00cvss —epss 0.03
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…
- CVE-2015-5928Oct 23, 2015risk 0.00cvss —epss 0.03
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…
- CVE-2015-5927Oct 23, 2015risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5942.
- CVE-2015-5926Oct 23, 2015risk 0.00cvss —epss 0.02
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5925.
- CVE-2015-5925Oct 23, 2015risk 0.00cvss —epss 0.02
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5926.
- CVE-2015-5924Oct 23, 2015risk 0.00cvss —epss 0.02
The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
- CVE-2015-7035Oct 23, 2015risk 0.00cvss —epss 0.02
Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors.
- CVE-2015-7031Oct 23, 2015risk 0.00cvss —epss 0.02
The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP header configuration, which allows remote attackers to bypass intended access restrictions via unknown vectors.
- CVE-2015-7030Oct 23, 2015risk 0.00cvss —epss 0.02
The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors.
- CVE-2015-7022Oct 23, 2015risk 0.00cvss —epss 0.01
The Telephony subsystem in Apple iOS before 9.1 allows attackers to obtain sensitive call-status information via a crafted app.
- CVE-2015-7017Oct 23, 2015risk 0.00cvss —epss 0.04
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992.
- CVE-2015-7005Oct 23, 2015risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1.
- CVE-2015-7004Oct 23, 2015risk 0.00cvss —epss 0.02
The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a crafted app.
- CVE-2015-7000Oct 23, 2015risk 0.00cvss —epss 0.00
Notification Center in Apple iOS before 9.1 mishandles changes to "Show on Lock Screen" settings, which allows physically proximate attackers to obtain sensitive information by looking for a (1) Phone or (2) Messages notification on the lock screen soon after a setting was…
- CVE-2015-6999Oct 23, 2015risk 0.00cvss —epss 0.01
The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate.
Page 116 of 169