Max CVSS 9.3 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-3717 7.5
Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
20-11-2020 - 19:03 03-07-2015 - 02:00
CVE-2014-8127 4.3
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tif
30-10-2018 - 16:27 26-06-2017 - 15:29
CVE-2014-8129 6.8
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the
06-04-2018 - 13:02 12-03-2018 - 02:29
CVE-2014-8130 4.3
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteS
05-04-2018 - 21:07 12-03-2018 - 02:29
CVE-2015-3711 4.3
The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3702 7.2
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-201
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3699 7.2
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3700, CVE-201
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3718 6.8
systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app,
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3688 6.8
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3672 7.2
Admin Framework in Apple OS X before 10.10.4 does not properly handle authentication errors, which allows local users to obtain admin privileges via unspecified vectors.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3709 6.9
Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation.
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3687 6.8
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3682 6.8
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-20
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3716 4.4
Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library.
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3708 8.8
kextd in kext tools in Apple OS X before 10.10.4 allows attackers to write to arbitrary files via a crafted app that conducts a symlink attack. <a href="https://cwe.mitre.org/data/definitions/61.html">CWE-61: UNIX Symbolic Link (Symlink) Following</a
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3686 6.8
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3704 9.3
runner in Install.framework in the Install Framework Legacy subsystem in Apple OS X before 10.10.4 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3696 7.2
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-201
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3677 4.3
The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3712 9.3
The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app.
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3701 7.2
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-201
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3719 6.8
TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3714 5.0
Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app.
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3683 9.3
The Bluetooth HCI interface implementation in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3675 5.0
The default configuration of the Apache HTTP Server on Apple OS X before 10.10.4 does not enable the mod_hfs_apple module, which allows remote attackers to bypass HTTP authentication via a crafted URL.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3691 9.3
The Monitor Control Command Set kernel extension in the Display Drivers subsystem in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages control of a function pointer.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3685 6.8
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3679 6.8
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3680, CVE-2015-3681, and CVE-20
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3710 4.3
Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3706 9.3
IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3705.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3680 6.8
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3681, and CVE-20
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3705 9.3
IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3706.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3698 7.2
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3699, CVE-2015-3700, CVE-201
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3676 4.3
AppleGraphicsControl in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information via a crafted app.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3721 4.3
The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3678 7.2
AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3695 7.2
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-201
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3684 6.8
The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3707 9.3
The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. <a href="http://cwe.mitre.org/data/defi
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3690 4.3
The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3715 6.8
The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library.
22-09-2017 - 01:29 03-07-2015 - 02:00
CVE-2015-3681 6.8
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-20
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3700 7.2
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-201
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3689 6.8
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3674 7.5
afpserver in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3697 7.2
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-201
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3671 7.2
Admin Framework in Apple OS X before 10.10.4 does not properly verify XPC entitlements, which allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3694 6.8
FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3673 7.2
Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of writeconfig clients, which allows local users to obtain root privileges by moving and then modifying Directory Utility.
22-09-2017 - 01:29 03-07-2015 - 01:59
CVE-2015-3703 6.8
ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image.
22-09-2017 - 01:29 03-07-2015 - 01:59
Back to Top Mark selected
Back to Top