Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-5748 | 2.1 |
The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume.
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-5754 | 9.3 |
Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages incorrect privilege dropping asso
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-5772 | 6.8 |
Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code via a crafted Collada file.
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-3787 | 3.3 |
The Bluetooth subsystem in Apple OS X before 10.10.5 allows remote attackers to cause a denial of service via malformed Bluetooth ACL packets.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3780 | 4.3 |
The Bluetooth subsystem in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3767 | 7.2 |
udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-5779 | 7.5 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-201
|
21-09-2017 - 01:29 | 17-08-2015 - 00:01 | |
CVE-2015-5747 | 4.9 |
The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial of service (resource consumption) via unspecified vectors.
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-5753 | 6.8 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-201
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-3783 | 7.5 |
SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3779 | 6.8 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3788, CVE-201
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-5771 | 6.8 |
Quartz Composer Framework in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted QuickTime file.
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-3799 | 9.3 |
The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers to change arbitrary user passwords via a crafted app.
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-3761 | 7.2 |
The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3788 | 6.8 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-201
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3772 | 7.2 |
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3764 | 4.3 |
Notification Center in Apple OS X before 10.10.5 does not properly remove dismissed notifications, which allows attackers to read arbitrary notifications via a crafted app.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-5751 | 6.8 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-201
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-5750 | 7.5 |
Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted series of Unicode characters.
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-3774 | 4.8 |
The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-5768 | 4.3 |
AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-3771 | 7.2 |
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3772.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3762 | 5.0 |
The Text Formats component in Apple OS X before 10.10.5, as used in TextEdit, allows remote attackers to read arbitrary files via a text file containing an XML external entity declaration in conjunction with an entity reference, related to an XML Ext
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3775 | 7.2 |
Apple OS X before 10.10.5 does not properly implement authentication, which allows local users to obtain admin privileges via unspecified vectors.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-5784 | 9.3 |
runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
|
21-09-2017 - 01:29 | 17-08-2015 - 00:01 | |
CVE-2015-3789 | 6.8 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-201
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-3781 | 4.3 |
Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X before 10.10.5 allows remote attackers to inject arbitrary web script or HTML via a previously visited web site that is rendered during a Quick Look search.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3769 | 7.2 |
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3771 and CVE-2015-3772.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3777 | 7.2 |
Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3794 | 6.8 |
The Speech UI in Apple OS X before 10.10.5, when speech alerts are enabled, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Unicode string.
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-3792 | 6.8 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-201
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-5783 | 9.3 |
IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3770.
|
21-09-2017 - 01:29 | 17-08-2015 - 00:01 | |
CVE-2015-5763 | 7.2 |
ntfs in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-3790 | 6.8 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-201
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-3765 | 6.8 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3779, CVE-2015-3788, CVE-201
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3757 | 2.1 |
Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3791 | 6.8 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-201
|
21-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2015-3773 | 7.5 |
The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3760 | 7.2 |
dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3786 | 4.3 |
The Bluetooth subsystem in Apple OS X before 10.10.5 does not properly restrict Notification Center Service access, which allows attackers to read Notification Center notifications of certain paired devices via a crafted app.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3770 | 9.3 |
IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783.
|
21-09-2017 - 01:29 | 16-08-2015 - 23:59 | |
CVE-2015-3778 | 3.3 |
bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic.
|
24-12-2016 - 02:59 | 16-08-2015 - 23:59 |