Max CVSS 10.0 Min CVSS 1.9 Total Count57
IDCVSSSummaryLast (major) updatePublished
CVE-2015-0235 10.0
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
02-01-2017 - 21:59 28-01-2015 - 14:59
CVE-2015-0273 7.5
Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier
30-12-2016 - 21:59 30-03-2015 - 06:59
CVE-2015-7035 7.5
Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors.
23-12-2016 - 21:59 23-10-2015 - 06:59
CVE-2015-7023 5.8
CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7018 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7017 7.5
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 a
23-12-2016 - 21:59 23-10-2015 - 06:59
CVE-2015-7015 6.8
Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7010 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7009 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7008 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7007 7.5
Script Editor in Apple OS X before 10.11.1 allows remote attackers to bypass an intended user-confirmation requirement for AppleScript execution via unspecified vectors.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-7006 6.8
Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6996 6.8
IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6995 6.8
The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6994 7.1
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6993 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6992 7.5
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 a
23-12-2016 - 21:59 23-10-2015 - 06:59
CVE-2015-6991 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6990 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6989 6.8
Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6988 10.0
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6983 8.8
Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6978 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6977 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6978, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6976 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-20
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-6975 7.5
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6992 a
23-12-2016 - 21:59 23-10-2015 - 06:59
CVE-2015-6974 9.3
IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5942 6.8
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5940 6.8
The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (mem
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5939 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5937 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5936 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5935 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5927 6.8
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5942
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5926 6.8
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability tha
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5925 6.8
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability tha
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2015-5924 6.8
The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
23-12-2016 - 21:59 23-10-2015 - 17:59
CVE-2014-3565 5.0
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB f
23-12-2016 - 21:59 07-10-2014 - 10:55
CVE-2015-6563 1.9
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjun
21-12-2016 - 22:00 23-08-2015 - 21:59
CVE-2012-6151 4.3
Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout
07-12-2016 - 22:02 13-12-2013 - 13:55
CVE-2015-7024 6.9
Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass intended Gatekeeper restrictions and gain privileges via a Trojan horse program that is loaded from an unexpected directory by an application that has a val
11-01-2016 - 20:30 11-01-2016 - 06:59
CVE-2015-6980 7.2
Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.
11-01-2016 - 20:29 11-01-2016 - 06:59
CVE-2015-7003 6.8
coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize an unspecified data structure, which allows attackers to execute arbitrary code via a crafted app.
26-10-2015 - 20:50 23-10-2015 - 17:59
CVE-2015-6987 2.1
The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of service (application crash) via crafted bookmark metadata in a folder.
26-10-2015 - 20:42 23-10-2015 - 17:59
CVE-2015-6985 6.8
Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web page.
26-10-2015 - 20:41 23-10-2015 - 17:59
CVE-2015-7021 7.2
The Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to gain privileges or cause a denial of service (kernel memory corruption) via unspecified vectors.
26-10-2015 - 20:40 23-10-2015 - 17:59
CVE-2015-5945 7.2
The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters.
26-10-2015 - 20:23 23-10-2015 - 17:59
CVE-2015-7020 5.6
The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a diffe
26-10-2015 - 20:22 23-10-2015 - 17:59
CVE-2015-5944 6.8
CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
26-10-2015 - 20:21 23-10-2015 - 17:59
CVE-2015-5943 4.3
SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic clicks from reaching keychain windows, which allows attackers to bypass intended access restrictions via a crafted app.
26-10-2015 - 20:20 23-10-2015 - 17:59
CVE-2015-5938 6.8
ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image.
26-10-2015 - 20:16 23-10-2015 - 17:59
CVE-2015-5934 6.8
Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5933.
26-10-2015 - 20:13 23-10-2015 - 17:59
CVE-2015-5933 6.8
Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5934.
26-10-2015 - 20:13 23-10-2015 - 17:59
CVE-2015-7016 7.6
The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted dev
26-10-2015 - 20:02 23-10-2015 - 17:59
CVE-2015-6984 8.8
libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack.
26-10-2015 - 19:47 23-10-2015 - 17:59
CVE-2015-5932 7.2
The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing.
26-10-2015 - 19:43 23-10-2015 - 17:59
CVE-2015-7019 5.6
The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a diffe
26-10-2015 - 19:30 23-10-2015 - 17:59
Back to Top Mark selected
Back to Top