Skip to main content

Mac Os X

2034 CVEs product

Monthly

CVE-2015-5776 HIGH This Week

Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +1
NVD
CVSS 2.0
7.5
EPSS
3.0%
CVE-2015-5775 HIGH This Week

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X +1
NVD
CVSS 2.0
7.5
EPSS
2.0%
CVE-2015-5774 HIGH This Week

Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Buffer Overflow Mac Os X Iphone Os
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-5773 MEDIUM This Month

QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow Microsoft RCE +2
NVD
CVSS 2.0
6.8
EPSS
2.5%
CVE-2015-5772 MEDIUM This Month

Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code via a crafted Collada file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Apple Buffer Overflow RCE Mac Os X
NVD
CVSS 2.0
6.8
EPSS
1.7%
CVE-2015-5771 MEDIUM This Month

Quartz Composer Framework in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted QuickTime. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X
NVD
CVSS 2.0
6.8
EPSS
2.0%
CVE-2015-5768 MEDIUM This Month

AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-5763 HIGH This Week

ntfs in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.2%
CVE-2015-5761 MEDIUM PATCH This Month

CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow RCE Mac Os X +2
NVD
CVSS 2.0
6.8
EPSS
2.5%
CVE-2015-5758 MEDIUM This Month

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +1
NVD
CVSS 2.0
6.8
EPSS
2.8%
CVE-2015-5757 CRITICAL Act Now

libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +1
NVD
CVSS 2.0
9.3
EPSS
1.1%
CVE-2015-5756 MEDIUM This Month

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +1
NVD
CVSS 2.0
6.8
EPSS
2.1%
CVE-2015-5755 MEDIUM PATCH This Month

CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow RCE Itunes +2
NVD
CVSS 2.0
6.8
EPSS
2.8%
CVE-2015-5754 CRITICAL POC THREAT Emergency

Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 26.9%.

Race Condition Apple RCE Mac Os X
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
26.9%
Threat
4.2
CVE-2015-5750 HIGH This Week

Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted series of Unicode. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X
NVD
CVSS 2.0
7.5
EPSS
0.9%
CVE-2015-5748 LOW Monitor

The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Iphone Os Safari Mac Os X
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-5747 MEDIUM This Month

The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial of service (resource consumption) via unspecified vectors. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Mac Os X
NVD
CVSS 2.0
4.9
EPSS
0.1%
CVE-2015-3807 MEDIUM This Month

libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow Iphone Os Mac Os X +1
NVD
CVSS 2.0
4.3
EPSS
2.4%
CVE-2015-3806 HIGH This Week

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Iphone Os Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3805 HIGH This Week

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Iphone Os Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3804 HIGH This Week

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X +1
NVD
CVSS 2.0
7.5
EPSS
2.0%
CVE-2015-3803 HIGH This Week

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Iphone Os Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3802 HIGH This Week

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Iphone Os Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3800 HIGH This Week

The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow Iphone Os Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3799 CRITICAL Act Now

The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers to change arbitrary user passwords via a crafted app. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Authentication Bypass Mac Os X
NVD
CVSS 2.0
9.3
EPSS
0.5%
CVE-2015-3798 HIGH POC THREAT Act Now

The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 26.2%.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +1
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
26.2%
CVE-2015-3797 HIGH This Week

The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +1
NVD
CVSS 2.0
7.5
EPSS
0.9%
CVE-2015-3796 HIGH POC THREAT Act Now

The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 18.1%.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +1
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
18.1%
CVE-2015-3795 CRITICAL Act Now

libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X +1
NVD
CVSS 2.0
9.3
EPSS
1.6%
CVE-2015-3794 MEDIUM This Month

The Speech UI in Apple OS X before 10.10.5, when speech alerts are enabled, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X
NVD
CVSS 2.0
6.8
EPSS
1.2%
CVE-2015-3787 LOW Monitor

The Bluetooth subsystem in Apple OS X before 10.10.5 allows remote attackers to cause a denial of service via malformed Bluetooth ACL packets. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Mac Os X
NVD
CVSS 2.0
3.3
EPSS
0.6%
CVE-2015-3786 MEDIUM This Month

The Bluetooth subsystem in Apple OS X before 10.10.5 does not properly restrict Notification Center Service access, which allows attackers to read Notification Center notifications of certain paired. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-3784 MEDIUM This Month

Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple XXE Information Disclosure Microsoft Mac Os X +5
NVD
CVSS 2.0
5.0
EPSS
0.9%
CVE-2015-3783 HIGH POC THREAT Act Now

SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 18.4%.

Denial Of Service Apple Buffer Overflow RCE Mac Os X
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
18.4%
CVE-2015-3782 MEDIUM This Month

CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-3781 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X before 10.10.5 allows remote attackers to inject arbitrary web script or HTML via a previously visited web site that is rendered. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Apple Mac Os X
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-3780 MEDIUM This Month

The Bluetooth subsystem in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2015-3778 LOW Monitor

bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X
NVD
CVSS 2.0
3.3
EPSS
0.4%
CVE-2015-3777 HIGH This Week

Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Buffer Overflow Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3776 CRITICAL Act Now

IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +1
NVD
CVSS 2.0
9.3
EPSS
1.1%
CVE-2015-3775 HIGH This Week

Apple OS X before 10.10.5 does not properly implement authentication, which allows local users to obtain admin privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-3774 MEDIUM This Month

The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 2.0
4.8
EPSS
0.1%
CVE-2015-3773 HIGH This Week

The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X
NVD
CVSS 2.0
7.5
EPSS
2.2%
CVE-2015-3772 HIGH This Week

IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3771 HIGH This Week

IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3770 CRITICAL Act Now

IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X
NVD
CVSS 2.0
9.3
EPSS
1.5%
CVE-2015-3769 HIGH This Week

IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3768 CRITICAL Act Now

Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple RCE Mac Os X Iphone Os
NVD
CVSS 2.0
9.3
EPSS
1.0%
CVE-2015-3767 HIGH This Week

udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Privilege Escalation Buffer Overflow Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3766 MEDIUM This Month

The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Iphone Os Mac Os X
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-3764 MEDIUM This Month

Notification Center in Apple OS X before 10.10.5 does not properly remove dismissed notifications, which allows attackers to read arbitrary notifications via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-3762 MEDIUM This Month

The Text Formats component in Apple OS X before 10.10.5, as used in TextEdit, allows remote attackers to read arbitrary files via a text file containing an XML external entity declaration in. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple XXE Information Disclosure Mac Os X
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-3761 HIGH This Week

The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-3760 HIGH POC Act Now

dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 2.0
7.2
EPSS
3.4%
CVE-2015-3757 LOW Monitor

Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Mac Os X
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-7422 HIGH This Week

Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple RCE Mac Os X Perl
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2015-1819 Ruby MEDIUM PATCH This Month

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Debian Linux Ubuntu Linux Enterprise Linux Libxml +8
NVD
CVSS 2.0
5.0
EPSS
1.9%
CVE-2015-5523 MEDIUM POC This Month

The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux Debian Linux Iphone Os +3
NVD GitHub
CVSS 2.0
4.3
EPSS
5.0%
CVE-2015-5522 MEDIUM POC This Month

Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Tidy Ubuntu Linux Debian Linux +3
NVD GitHub
CVSS 2.0
6.8
EPSS
6.8%
CVE-2015-3185 MEDIUM This Month

The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Apache Ubuntu Linux Http Server Xcode +3
NVD GitHub
CVSS 2.0
4.3
EPSS
9.5%
CVE-2015-0253 MEDIUM This Month

The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.6% and no vendor patch available.

Denial Of Service Apache Http Server Mac Os X Mac Os X Server +3
NVD GitHub
CVSS 2.0
5.0
EPSS
10.6%
CVE-2015-3727 MEDIUM This Month

WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Apple Privilege Escalation Safari Iphone Os Mac Os X
NVD
CVSS 2.0
6.8
EPSS
0.9%
CVE-2015-3721 MEDIUM PATCH This Month

The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Apple Information Disclosure Mac Os X Iphone Os
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2015-3720 MEDIUM PATCH This Month

The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Apple Information Disclosure Mac Os X
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-3719 MEDIUM PATCH This Month

TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow RCE Mac Os X +1
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2015-3718 MEDIUM PATCH This Month

systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Apple RCE Mac Os X
NVD
CVSS 2.0
6.8
EPSS
1.2%
CVE-2015-3717 HIGH PATCH CISA Act Now

Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Denial Of Service Apple Buffer Overflow RCE Sqlite +2
NVD
CVSS 2.0
7.5
EPSS
1.9%
CVE-2015-3716 MEDIUM PATCH This Month

Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library. Rated medium severity (CVSS 4.4). This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Apple Mac Os X
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2015-3715 MEDIUM PATCH This Month

The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Apple Authentication Bypass Mac Os X
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2015-3714 MEDIUM PATCH This Month

Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Apple Authentication Bypass Mac Os X
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-3713 MEDIUM This Month

QuickTime in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted movie file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X +1
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2015-3712 CRITICAL PATCH Act Now

The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Nvidia Buffer Overflow RCE +1
NVD
CVSS 2.0
9.3
EPSS
1.2%
CVE-2015-3711 MEDIUM PATCH This Month

The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Apple Information Disclosure Mac Os X
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-3710 MEDIUM PATCH This Month

Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Apple Information Disclosure Iphone Os Mac Os X
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-3709 MEDIUM PATCH This Month

Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation. Rated medium severity (CVSS 6.9).

Race Condition Apple Authentication Bypass Mac Os X
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2015-3708 HIGH PATCH This Week

kextd in kext tools in Apple OS X before 10.10.4 allows attackers to write to arbitrary files via a crafted app that conducts a symlink attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable.

Apple Information Disclosure Mac Os X
NVD
CVSS 2.0
8.8
EPSS
0.5%
CVE-2015-3707 CRITICAL PATCH Act Now

The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Denial Of Service Apple RCE Mac Os X
NVD
CVSS 2.0
9.3
EPSS
2.2%
CVE-2015-3706 CRITICAL PATCH Act Now

IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow RCE Mac Os X
NVD
CVSS 2.0
9.3
EPSS
1.5%
CVE-2015-3705 CRITICAL PATCH Act Now

IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow RCE Mac Os X
NVD
CVSS 2.0
9.3
EPSS
1.5%
CVE-2015-3704 CRITICAL POC PATCH THREAT Act Now

runner in Install.framework in the Install Framework Legacy subsystem in Apple OS X before 10.10.4 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 40.6%.

Apple Privilege Escalation RCE Mac Os X
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
40.6%
Threat
4.6
CVE-2015-3703 MEDIUM PATCH This Month

ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow RCE Mac Os X +1
NVD
CVSS 2.0
6.8
EPSS
1.9%
CVE-2015-3702 HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-3701 HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3700 HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-3699 HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3698 HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3697 HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3696 HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3695 HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3696, CVE-2015-3697,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel Mac Os X
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3694 MEDIUM PATCH This Month

FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow RCE Iphone Os +1
NVD
CVSS 2.0
6.8
EPSS
1.4%
EPSS 3% CVSS 7.5
HIGH This Week

Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 2% CVSS 7.5
HIGH This Week

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Buffer Overflow Mac Os X +1
NVD
EPSS 3% CVSS 6.8
MEDIUM This Month

QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow +4
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code via a crafted Collada file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Apple Buffer Overflow RCE +1
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

Quartz Composer Framework in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted QuickTime. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
EPSS 0% CVSS 7.2
HIGH This Week

ntfs in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow +1
NVD
EPSS 2% CVSS 6.8
MEDIUM PATCH This Month

CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow +4
NVD
EPSS 3% CVSS 6.8
MEDIUM This Month

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 3% CVSS 6.8
MEDIUM PATCH This Month

CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow +4
NVD
EPSS 27% 4.2 CVSS 9.3
CRITICAL POC THREAT Emergency

Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 26.9%.

Race Condition Apple RCE +1
NVD Exploit-DB
EPSS 1% CVSS 7.5
HIGH This Week

Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted series of Unicode. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow +2
NVD
EPSS 0% CVSS 2.1
LOW Monitor

The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Iphone Os +2
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial of service (resource consumption) via unspecified vectors. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Mac Os X
NVD
EPSS 2% CVSS 4.3
MEDIUM This Month

libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Iphone Os +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Iphone Os +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Iphone Os +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Iphone Os +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow +2
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers to change arbitrary user passwords via a crafted app. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Authentication Bypass Mac Os X
NVD
EPSS 26% CVSS 7.5
HIGH POC THREAT Act Now

The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 26.2%.

Denial Of Service Apple Buffer Overflow +3
NVD Exploit-DB
EPSS 1% CVSS 7.5
HIGH This Week

The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 18% CVSS 7.5
HIGH POC THREAT Act Now

The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 18.1%.

Denial Of Service Apple Buffer Overflow +3
NVD Exploit-DB
EPSS 2% CVSS 9.3
CRITICAL Act Now

libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

The Speech UI in Apple OS X before 10.10.5, when speech alerts are enabled, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow +2
NVD
EPSS 1% CVSS 3.3
LOW Monitor

The Bluetooth subsystem in Apple OS X before 10.10.5 allows remote attackers to cause a denial of service via malformed Bluetooth ACL packets. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Mac Os X
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Bluetooth subsystem in Apple OS X before 10.10.5 does not properly restrict Notification Center Service access, which allows attackers to read Notification Center notifications of certain paired. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple XXE Information Disclosure +7
NVD
EPSS 18% CVSS 7.5
HIGH POC THREAT Act Now

SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 18.4%.

Denial Of Service Apple Buffer Overflow +2
NVD Exploit-DB
EPSS 1% CVSS 4.3
MEDIUM This Month

CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Iphone Os +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X before 10.10.5 allows remote attackers to inject arbitrary web script or HTML via a previously visited web site that is rendered. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Apple Mac Os X
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The Bluetooth subsystem in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
EPSS 0% CVSS 3.3
LOW Monitor

bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Buffer Overflow Mac Os X
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Apple OS X before 10.10.5 does not properly implement authentication, which allows local users to obtain admin privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Mac Os X
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
EPSS 2% CVSS 7.5
HIGH This Week

The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow +2
NVD
EPSS 0% CVSS 7.2
HIGH This Week

IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow +1
NVD
EPSS 2% CVSS 9.3
CRITICAL Act Now

IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow +2
NVD
EPSS 0% CVSS 7.2
HIGH This Week

IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow +1
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple RCE Mac Os X +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Privilege Escalation +2
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Iphone Os +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Notification Center in Apple OS X before 10.10.5 does not properly remove dismissed notifications, which allows attackers to read arbitrary notifications via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The Text Formats component in Apple OS X before 10.10.5, as used in TextEdit, allows remote attackers to read arbitrary files via a text file containing an XML external entity declaration in. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple XXE Information Disclosure +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Mac Os X
NVD
EPSS 3% CVSS 7.2
HIGH POC Act Now

dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Apple Information Disclosure Mac Os X
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Mac Os X
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple RCE +2
NVD
EPSS 2% CVSS 5.0
MEDIUM PATCH This Month

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Debian Linux Ubuntu Linux +10
NVD
EPSS 5% CVSS 4.3
MEDIUM POC This Month

The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux +5
NVD GitHub
EPSS 7% CVSS 6.8
MEDIUM POC This Month

Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Tidy +5
NVD GitHub
EPSS 9% CVSS 4.3
MEDIUM This Month

The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Apache Ubuntu Linux +5
NVD GitHub
EPSS 11% CVSS 5.0
MEDIUM This Month

The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.6% and no vendor patch available.

Denial Of Service Apache Http Server +5
NVD GitHub
EPSS 1% CVSS 6.8
MEDIUM This Month

WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Apple Privilege Escalation Safari +2
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Apple Information Disclosure Mac Os X +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Apple Information Disclosure Mac Os X
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Apple RCE Mac Os X
NVD
EPSS 2% CVSS 7.5
HIGH PATCH Act Now

Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Denial Of Service Apple Buffer Overflow +4
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library. Rated medium severity (CVSS 4.4). This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Apple Mac Os X
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Apple Authentication Bypass Mac Os X
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Apple Authentication Bypass Mac Os X
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

QuickTime in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted movie file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 1% CVSS 9.3
CRITICAL PATCH Act Now

The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Nvidia +3
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Apple Information Disclosure Mac Os X
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Apple Information Disclosure Iphone Os +1
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation. Rated medium severity (CVSS 6.9).

Race Condition Apple Authentication Bypass +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

kextd in kext tools in Apple OS X before 10.10.4 allows attackers to write to arbitrary files via a crafted app that conducts a symlink attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable.

Apple Information Disclosure Mac Os X
NVD
EPSS 2% CVSS 9.3
CRITICAL PATCH Act Now

The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Denial Of Service Apple RCE +1
NVD
EPSS 2% CVSS 9.3
CRITICAL PATCH Act Now

IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow +2
NVD
EPSS 2% CVSS 9.3
CRITICAL PATCH Act Now

IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow +2
NVD
EPSS 41% 4.6 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

runner in Install.framework in the Install Framework Legacy subsystem in Apple OS X before 10.10.4 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 40.6%.

Apple Privilege Escalation RCE +1
NVD Exploit-DB
EPSS 2% CVSS 6.8
MEDIUM PATCH This Month

ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow +3
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel +1
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel +1
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel +1
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel +1
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel +1
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel +1
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel +1
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3696, CVE-2015-3697,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Apple Buffer Overflow Intel +1
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Apple Buffer Overflow +3
NVD
Prev Page 18 of 23 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy