Skip to main content
CVE-2015-7112 CRITICAL POC THREAT Emergency

The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 19.7%.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +3
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
19.7%
Threat
4.0
CVE-2015-7039 MEDIUM POC THREAT This Month

Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 27.4%.

Apple Buffer Overflow RCE Tvos Watchos +2
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
27.4%
CVE-2015-7068 HIGH POC This Week

IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apple Null Pointer Dereference RCE Iphone Os +3
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
3.9%
CVE-2015-7803 MEDIUM This Month

The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 26.5% and no vendor patch available.

Denial Of Service PHP Mac Os X
NVD
CVSS 2.0
6.8
EPSS
26.5%
CVE-2015-7108 HIGH POC This Week

The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apple Buffer Overflow Mac Os X
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-7047 HIGH POC This Week

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Information Disclosure Watchos Tvos Iphone Os +1
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.7%
CVE-2015-7083 HIGH POC This Week

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apple Buffer Overflow Mac Os X Iphone Os +2
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.4%
CVE-2015-7084 HIGH POC This Week

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apple Buffer Overflow Iphone Os Mac Os X +2
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.3%
CVE-2015-7106 HIGH POC This Week

The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apple Buffer Overflow Intel Mac Os X
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.3%
CVE-2015-7078 HIGH POC This Week

Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Information Disclosure Mac Os X
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.3%
CVE-2015-7077 HIGH POC This Week

The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apple Buffer Overflow Intel Mac Os X
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.3%
CVE-2015-7110 MEDIUM POC This Month

The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Denial Of Service Apple Buffer Overflow Mac Os X Iphone Os
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
0.4%
CVE-2015-7113 CRITICAL Act Now

The LaunchServices component in Apple iOS before 9.2 and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +1
NVD
CVSS 2.0
10.0
EPSS
1.2%
CVE-2015-7082 CRITICAL Act Now

Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Information Disclosure Git
NVD GitHub
CVSS 2.0
10.0
EPSS
0.6%
CVE-2015-7071 CRITICAL Act Now

The File Bookmark component in Apple OS X before 10.11.2 allows attackers to bypass a sandbox protection mechanism for app scoped bookmarks via a crafted pathname. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Privilege Escalation Mac Os X
NVD
CVSS 2.0
10.0
EPSS
0.4%
CVE-2015-7111 CRITICAL Act Now

The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +3
NVD
CVSS 2.0
9.3
EPSS
1.7%
CVE-2015-7070 CRITICAL Act Now

Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple RCE Iphone Os
NVD
CVSS 2.0
9.3
EPSS
1.6%
CVE-2015-7069 CRITICAL Act Now

Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple RCE Iphone Os
NVD
CVSS 2.0
9.3
EPSS
1.6%
CVE-2015-7109 CRITICAL Act Now

IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X +1
NVD
CVSS 2.0
9.3
EPSS
1.2%
CVE-2015-7079 CRITICAL Act Now

dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple RCE Tvos Iphone Os
NVD
CVSS 2.0
9.3
EPSS
1.1%
CVE-2015-7051 CRITICAL Act Now

MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Privilege Escalation RCE Iphone Os Tvos
NVD
CVSS 2.0
9.3
EPSS
1.0%
CVE-2015-7072 CRITICAL Act Now

dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple RCE Iphone Os Watchos Tvos
NVD
CVSS 2.0
9.3
EPSS
1.0%
CVE-2015-7055 CRITICAL Act Now

AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 does not prevent changes to access-control structures, which allows attackers to execute arbitrary code in a privileged context. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple RCE Authentication Bypass Tvos Iphone Os
NVD
CVSS 2.0
9.3
EPSS
0.8%
CVE-2015-7804 MEDIUM This Month

Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 11.4% and no vendor patch available.

Denial Of Service PHP Mac Os X
NVD
CVSS 2.0
6.8
EPSS
11.4%
CVE-2015-7038 MEDIUM This Month

Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Apple Buffer Overflow RCE Tvos Iphone Os +2
NVD
CVSS 2.0
6.8
EPSS
6.5%
CVE-2015-7044 HIGH This Week

The System Integrity Protection feature in Apple OS X before 10.11.2 mishandles union mounts, which allows attackers to execute arbitrary code in a privileged context via a crafted app with root. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Apple RCE Mac Os X
NVD
CVSS 2.0
7.6
EPSS
1.6%
CVE-2015-7075 MEDIUM This Month

CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Watchos +3
NVD
CVSS 2.0
6.8
EPSS
3.4%
CVE-2015-7073 MEDIUM This Month

Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +3
NVD
CVSS 2.0
6.8
EPSS
3.4%
CVE-2015-7053 MEDIUM This Month

ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Tvos +3
NVD
CVSS 2.0
6.8
EPSS
3.4%
CVE-2015-7074 MEDIUM This Month

CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +2
NVD
CVSS 2.0
6.8
EPSS
2.8%
CVE-2015-7105 MEDIUM This Month

CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Tvos +3
NVD
CVSS 2.0
6.8
EPSS
2.5%
CVE-2015-7107 MEDIUM This Month

QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X +1
NVD
CVSS 2.0
6.8
EPSS
2.4%
CVE-2015-7076 HIGH This Week

The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Intel Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-7063 HIGH This Week

The kernel loader in EFI in Apple OS X before 10.11.2 allows local users to gain privileges via a crafted pathname. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-7052 HIGH This Week

kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-7065 MEDIUM This Month

OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +2
NVD
CVSS 2.0
6.8
EPSS
1.9%
CVE-2015-7104 MEDIUM This Month

WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Tvos +1
NVD
CVSS 2.0
6.8
EPSS
1.5%
CVE-2015-7061 MEDIUM This Month

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X +2
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2015-7060 MEDIUM This Month

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Watchos +2
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2015-7059 MEDIUM This Month

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Watchos +2
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2015-7066 MEDIUM This Month

OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X +3
NVD
CVSS 2.0
6.8
EPSS
1.2%
CVE-2015-7064 MEDIUM This Month

OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +3
NVD
CVSS 2.0
6.8
EPSS
1.2%
CVE-2015-7054 MEDIUM This Month

zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Apple RCE Iphone Os Mac Os X Watchos +1
NVD
CVSS 2.0
6.8
EPSS
1.1%
CVE-2015-7101 MEDIUM This Month

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Tvos +2
NVD
CVSS 2.0
6.8
EPSS
1.1%
CVE-2015-7097 MEDIUM This Month

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +2
NVD
CVSS 2.0
6.8
EPSS
1.1%
CVE-2015-7095 MEDIUM This Month

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Tvos +2
NVD
CVSS 2.0
6.8
EPSS
1.1%
CVE-2015-7098 MEDIUM This Month

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Tvos +2
NVD
CVSS 2.0
6.8
EPSS
1.0%
CVE-2015-7096 MEDIUM This Month

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Tvos +2
NVD
CVSS 2.0
6.8
EPSS
1.0%
CVE-2015-7103 MEDIUM This Month

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Safari +2
NVD
CVSS 2.0
6.8
EPSS
1.0%
CVE-2015-7102 MEDIUM This Month

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Tvos +2
NVD
CVSS 2.0
6.8
EPSS
1.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy