Max CVSS 10.0 Min CVSS 1.9 Total Count62
IDCVSSSummaryLast (major) updatePublished
CVE-2015-0235 10.0
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
02-01-2017 - 21:59 28-01-2015 - 14:59
CVE-2015-0273 7.5
Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier
30-12-2016 - 21:59 30-03-2015 - 06:59
CVE-2015-7035 7.5
Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors.
23-12-2016 - 21:59 23-10-2015 - 06:59
CVE-2015-7023 5.8
CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7018 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7017 7.5
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 a
23-12-2016 - 21:59 23-10-2015 - 06:59
CVE-2015-7015 6.8
Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7010 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7009 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7008 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7007 7.5
Script Editor in Apple OS X before 10.11.1 allows remote attackers to bypass an intended user-confirmation requirement for AppleScript execution via unspecified vectors.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7006 6.8
Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6996 6.8
IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6995 6.8
The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6994 7.1
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6993 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6992 7.5
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 a
23-12-2016 - 21:59 23-10-2015 - 06:59
CVE-2015-6991 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6990 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6989 6.8
Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6988 10.0
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6983 8.8
Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6978 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6977 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6978, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6976 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6975 7.5
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6992 a
23-12-2016 - 21:59 23-10-2015 - 06:59
CVE-2015-6974 9.3
IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5942 6.8
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5940 6.8
The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (mem
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5939 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5937 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5936 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5935 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5927 6.8
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5942
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5926 6.8
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability tha
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5925 6.8
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability tha
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5924 6.8
The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2014-3565 5.0
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB f
23-12-2016 - 21:59 07-10-2014 - 10:55
CVE-2015-6563 1.9
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjun
21-12-2016 - 22:00 23-08-2015 - 21:59
CVE-2012-6151 4.3
Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout
07-12-2016 - 22:02 13-12-2013 - 13:55
CVE-2015-6838 5.0
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding wi
29-11-2016 - 22:02 16-05-2016 - 06:59
CVE-2015-6837 5.0
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding wi
29-11-2016 - 22:02 16-05-2016 - 06:59
CVE-2015-6836 7.5
The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "
29-11-2016 - 22:02 19-01-2016 - 00:59
CVE-2015-6835 7.5
The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafte
29-11-2016 - 22:02 16-05-2016 - 06:59
CVE-2015-6834 7.5
Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3)
29-11-2016 - 22:02 16-05-2016 - 06:59
CVE-2015-7024 6.9
Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass intended Gatekeeper restrictions and gain privileges via a Trojan horse program that is loaded from an unexpected directory by an application that has a val
11-01-2016 - 20:30 11-01-2016 - 06:59
CVE-2015-6980 7.2
Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.
11-01-2016 - 20:29 11-01-2016 - 06:59
CVE-2015-7003 6.8
coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize an unspecified data structure, which allows attackers to execute arbitrary code via a crafted app.
26-10-2015 - 20:50 23-10-2015 - 17:59
CVE-2015-6987 2.1
The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of service (application crash) via crafted bookmark metadata in a folder.
26-10-2015 - 20:42 23-10-2015 - 17:59
CVE-2015-6985 6.8
Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web page.
26-10-2015 - 20:41 23-10-2015 - 17:59
CVE-2015-7021 7.2
The Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to gain privileges or cause a denial of service (kernel memory corruption) via unspecified vectors.
26-10-2015 - 20:40 23-10-2015 - 17:59
CVE-2015-5945 7.2
The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters.
26-10-2015 - 20:23 23-10-2015 - 17:59
CVE-2015-7020 5.6
The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a diffe
26-10-2015 - 20:22 23-10-2015 - 17:59
CVE-2015-5944 6.8
CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
26-10-2015 - 20:21 23-10-2015 - 17:59
CVE-2015-5943 4.3
SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic clicks from reaching keychain windows, which allows attackers to bypass intended access restrictions via a crafted app.
26-10-2015 - 20:20 23-10-2015 - 17:59
CVE-2015-5938 6.8
ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image.
26-10-2015 - 20:16 23-10-2015 - 17:59
CVE-2015-5934 6.8
Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5933.
26-10-2015 - 20:13 23-10-2015 - 17:59
CVE-2015-5933 6.8
Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5934.
26-10-2015 - 20:13 23-10-2015 - 17:59
CVE-2015-7016 7.6
The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted dev
26-10-2015 - 20:02 23-10-2015 - 17:59
CVE-2015-6984 8.8
libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack.
26-10-2015 - 19:47 23-10-2015 - 17:59
CVE-2015-5932 7.2
The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing.
26-10-2015 - 19:43 23-10-2015 - 17:59
CVE-2015-7019 5.6
The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a diffe
26-10-2015 - 19:30 23-10-2015 - 17:59
Back to Top Mark selected
Back to Top