VYPR

Vendor CVEs

Apple Inc.

All CVEs

8,439 total · sorted by risk
  • CVE-2015-3727Jul 3, 2015
    risk 0.00cvss epss 0.02

    WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted…

  • CVE-2015-3726Jul 3, 2015
    risk 0.00cvss epss 0.00

    The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card.

  • CVE-2015-3725Jul 3, 2015
    risk 0.00cvss epss 0.02

    MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service (ID collision and Watch launch outage) via a crafted universal provisioning profile app.

  • CVE-2015-3724Jul 3, 2015
    risk 0.00cvss epss 0.02

    CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3723.

  • CVE-2015-3723Jul 3, 2015
    risk 0.00cvss epss 0.03

    CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3724.

  • CVE-2015-3722Jul 3, 2015
    risk 0.00cvss epss 0.02

    Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service (ID collision and launch outage) via a crafted universal provisioning profile app.

  • CVE-2015-3721Jul 3, 2015
    risk 0.00cvss epss 0.01

    The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.

  • CVE-2015-3720Jul 3, 2015
    risk 0.00cvss epss 0.01

    The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app.

  • CVE-2015-3719Jul 3, 2015
    risk 0.00cvss epss 0.03

    TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.

  • CVE-2015-3718Jul 3, 2015
    risk 0.00cvss epss 0.02

    systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app, related to a "type…

  • CVE-2015-3717Jul 3, 2015
    risk 0.00cvss epss 0.04

    Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

  • CVE-2015-3716Jul 3, 2015
    risk 0.00cvss epss 0.00

    Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library.

  • CVE-2015-3715Jul 3, 2015
    risk 0.00cvss epss 0.01

    The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library.

  • CVE-2015-3714Jul 3, 2015
    risk 0.00cvss epss 0.01

    Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app.

  • CVE-2015-3713Jul 3, 2015
    risk 0.00cvss epss 0.03

    QuickTime in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted movie file.

  • CVE-2015-3712Jul 3, 2015
    risk 0.00cvss epss 0.03

    The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app.

  • CVE-2015-3711Jul 3, 2015
    risk 0.00cvss epss 0.01

    The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.

  • CVE-2015-3710Jul 3, 2015
    risk 0.00cvss epss 0.02

    Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.

  • CVE-2015-3709Jul 3, 2015
    risk 0.00cvss epss 0.00

    Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation.

  • CVE-2015-3708Jul 3, 2015
    risk 0.00cvss epss 0.02

    kextd in kext tools in Apple OS X before 10.10.4 allows attackers to write to arbitrary files via a crafted app that conducts a symlink attack.

  • CVE-2015-3707Jul 3, 2015
    risk 0.00cvss epss 0.03

    The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2015-3706Jul 3, 2015
    risk 0.00cvss epss 0.02

    IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3705.

  • CVE-2015-3705Jul 3, 2015
    risk 0.00cvss epss 0.02

    IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3706.

  • CVE-2015-3703Jul 3, 2015
    risk 0.00cvss epss 0.03

    ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image.

  • CVE-2015-3702Jul 3, 2015
    risk 0.00cvss epss 0.00

    Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3701.

  • CVE-2015-3701Jul 3, 2015
    risk 0.00cvss epss 0.00

    Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3702.

  • CVE-2015-3700Jul 3, 2015
    risk 0.00cvss epss 0.00

    Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3701, and CVE-2015-3702.

  • CVE-2015-3699Jul 3, 2015
    risk 0.00cvss epss 0.00

    Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.

  • CVE-2015-3698Jul 3, 2015
    risk 0.00cvss epss 0.00

    Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.

  • CVE-2015-3697Jul 3, 2015
    risk 0.00cvss epss 0.00

    Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.

  • CVE-2015-3696Jul 3, 2015
    risk 0.00cvss epss 0.00

    Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.

  • CVE-2015-3695Jul 3, 2015
    risk 0.00cvss epss 0.00

    Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.

  • CVE-2015-3694Jul 3, 2015
    risk 0.00cvss epss 0.03

    FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719.

  • CVE-2015-3692Jul 3, 2015
    risk 0.00cvss epss 0.00

    Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not enforce a locking protection mechanism upon being woken from sleep, which allows local users to conduct EFI flash attacks by leveraging root privileges.

  • CVE-2015-3691Jul 3, 2015
    risk 0.00cvss epss 0.03

    The Monitor Control Command Set kernel extension in the Display Drivers subsystem in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages control of a function pointer.

  • CVE-2015-3690Jul 3, 2015
    risk 0.00cvss epss 0.01

    The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.

  • CVE-2015-3689Jul 3, 2015
    risk 0.00cvss epss 0.03

    CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688.

  • CVE-2015-3688Jul 3, 2015
    risk 0.00cvss epss 0.03

    CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689.

  • CVE-2015-3687Jul 3, 2015
    risk 0.00cvss epss 0.03

    CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689.

  • CVE-2015-3686Jul 3, 2015
    risk 0.00cvss epss 0.03

    CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.

  • CVE-2015-3685Jul 3, 2015
    risk 0.00cvss epss 0.03

    CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.

  • CVE-2015-3684Jul 3, 2015
    risk 0.00cvss epss 0.03

    The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.

  • CVE-2015-3683Jul 3, 2015
    risk 0.00cvss epss 0.03

    The Bluetooth HCI interface implementation in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2015-3682Jul 3, 2015
    risk 0.00cvss epss 0.03

    Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3681.

  • CVE-2015-3681Jul 3, 2015
    risk 0.00cvss epss 0.03

    Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3682.

  • CVE-2015-3680Jul 3, 2015
    risk 0.00cvss epss 0.03

    Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3681, and CVE-2015-3682.

  • CVE-2015-3679Jul 3, 2015
    risk 0.00cvss epss 0.03

    Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3680, CVE-2015-3681, and CVE-2015-3682.

  • CVE-2015-3678Jul 3, 2015
    risk 0.00cvss epss 0.00

    AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands.

  • CVE-2015-3677Jul 3, 2015
    risk 0.00cvss epss 0.01

    The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.

  • CVE-2015-3676Jul 3, 2015
    risk 0.00cvss epss 0.01

    AppleGraphicsControl in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information via a crafted app.

Page 122 of 169