Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2012-1148 | 5.0 |
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation
|
25-01-2021 - 15:44 | 03-07-2012 - 19:55 | |
CVE-2012-1147 | 4.3 |
readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
|
25-01-2021 - 15:44 | 03-07-2012 - 19:55 | |
CVE-2015-7068 | 9.3 |
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an un
|
25-03-2019 - 17:52 | 11-12-2015 - 11:59 | |
CVE-2015-7074 | 6.8 |
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7060 | 6.8 |
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7039 | 6.8 |
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7111 | 9.3 |
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a differe
|
08-03-2019 - 16:06 | 11-12-2015 - 12:00 | |
CVE-2015-7061 | 6.8 |
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7047 | 7.2 |
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7075 | 6.8 |
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7058 | 4.3 |
Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7043 | 4.3 |
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7066 | 6.8 |
OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7054 | 6.8 |
zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafte
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7040 | 4.3 |
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7042 | 4.3 |
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7112 | 9.3 |
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a differe
|
08-03-2019 - 16:06 | 11-12-2015 - 12:00 | |
CVE-2015-7053 | 6.8 |
ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7084 | 7.2 |
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7073 | 6.8 |
Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7045 | 5.0 |
Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7083 | 7.2 |
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7059 | 6.8 |
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7105 | 6.8 |
CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
|
08-03-2019 - 16:06 | 11-12-2015 - 12:00 | |
CVE-2015-7001 | 6.8 |
AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7065 | 6.8 |
OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7041 | 4.3 |
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7064 | 6.8 |
OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7046 | 2.6 |
The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with r
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7038 | 6.8 |
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039.
|
08-03-2019 - 16:06 | 11-12-2015 - 11:59 | |
CVE-2015-7107 | 6.8 |
QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.
|
13-09-2017 - 01:29 | 11-12-2015 - 12:00 | |
CVE-2015-7076 | 7.2 |
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476:
|
13-09-2017 - 01:29 | 11-12-2015 - 11:59 | |
CVE-2015-7044 | 7.6 |
The System Integrity Protection feature in Apple OS X before 10.11.2 mishandles union mounts, which allows attackers to execute arbitrary code in a privileged context via a crafted app with root privileges.
|
13-09-2017 - 01:29 | 11-12-2015 - 11:59 | |
CVE-2015-7081 | 5.0 |
iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) i
|
13-09-2017 - 01:29 | 11-12-2015 - 11:59 | |
CVE-2015-7078 | 7.2 |
Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects. <a href="https://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>
|
13-09-2017 - 01:29 | 11-12-2015 - 11:59 | |
CVE-2015-7067 | 2.1 |
IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to cause a denial of service (NULL pointer dereference) via an unspecified userclient type. <a href="https://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereferenc
|
13-09-2017 - 01:29 | 11-12-2015 - 11:59 | |
CVE-2015-7071 | 10.0 |
The File Bookmark component in Apple OS X before 10.11.2 allows attackers to bypass a sandbox protection mechanism for app scoped bookmarks via a crafted pathname.
|
13-09-2017 - 01:29 | 11-12-2015 - 11:59 | |
CVE-2015-7052 | 7.2 |
kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors.
|
13-09-2017 - 01:29 | 11-12-2015 - 11:59 | |
CVE-2015-7062 | 4.6 |
Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors.
|
13-09-2017 - 01:29 | 11-12-2015 - 11:59 | |
CVE-2015-7110 | 6.9 |
The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.
|
13-09-2017 - 01:29 | 11-12-2015 - 12:00 | |
CVE-2015-7094 | 2.6 |
CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL.
|
13-09-2017 - 01:29 | 11-12-2015 - 11:59 | |
CVE-2015-7063 | 7.2 |
The kernel loader in EFI in Apple OS X before 10.11.2 allows local users to gain privileges via a crafted pathname.
|
13-09-2017 - 01:29 | 11-12-2015 - 11:59 | |
CVE-2015-7108 | 7.2 |
The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
|
13-09-2017 - 01:29 | 11-12-2015 - 12:00 | |
CVE-2015-7077 | 7.2 |
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors.
|
13-09-2017 - 01:29 | 11-12-2015 - 11:59 | |
CVE-2015-7109 | 9.3 |
IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
|
13-09-2017 - 01:29 | 11-12-2015 - 12:00 | |
CVE-2015-7106 | 7.2 |
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
|
13-09-2017 - 01:29 | 11-12-2015 - 12:00 |