Filtered by vendor Apple
Subscribe
Total
12581 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-3761 | 1 Apple | 1 Mac Os X | 2017-09-21 | 7.2 HIGH | N/A |
| The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2015-3779 | 1 Apple | 2 Mac Os X, Quicktime | 2017-09-21 | 6.8 MEDIUM | N/A |
| QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | |||||
| CVE-2015-3772 | 1 Apple | 1 Mac Os X | 2017-09-21 | 7.2 HIGH | N/A |
| IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771. | |||||
| CVE-2015-5768 | 1 Apple | 1 Mac Os X | 2017-09-21 | 4.3 MEDIUM | N/A |
| AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. | |||||
| CVE-2015-5751 | 1 Apple | 2 Mac Os X, Quicktime | 2017-09-21 | 6.8 MEDIUM | N/A |
| QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5753, and CVE-2015-5779. | |||||
| CVE-2015-3760 | 1 Apple | 1 Mac Os X | 2017-09-21 | 7.2 HIGH | N/A |
| dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2015-3767 | 1 Apple | 1 Mac Os X | 2017-09-21 | 7.2 HIGH | N/A |
| udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image. | |||||
| CVE-2015-3775 | 1 Apple | 1 Mac Os X | 2017-09-21 | 7.2 HIGH | N/A |
| Apple OS X before 10.10.5 does not properly implement authentication, which allows local users to obtain admin privileges via unspecified vectors. | |||||
| CVE-2015-5125 | 5 Adobe, Apple, Linux and 2 more | 8 Air, Air Sdk, Air Sdk \& Compiler and 5 more | 2017-09-21 | 10.0 HIGH | N/A |
| Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2015-5784 | 1 Apple | 1 Mac Os X | 2017-09-21 | 9.3 HIGH | N/A |
| runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
| CVE-2015-5783 | 1 Apple | 1 Mac Os X | 2017-09-21 | 9.3 HIGH | N/A |
| IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3770. | |||||
| CVE-2015-3781 | 1 Apple | 1 Mac Os X | 2017-09-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X before 10.10.5 allows remote attackers to inject arbitrary web script or HTML via a previously visited web site that is rendered during a Quick Look search. | |||||
| CVE-2015-3774 | 1 Apple | 1 Mac Os X | 2017-09-21 | 4.8 MEDIUM | N/A |
| The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream. | |||||
| CVE-2015-5750 | 1 Apple | 1 Mac Os X | 2017-09-21 | 7.5 HIGH | N/A |
| Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted series of Unicode characters. | |||||
| CVE-2017-2538 | 1 Apple | 2 Iphone Os, Safari | 2017-09-19 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2013-3352 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2017-09-19 | 10.0 HIGH | N/A |
| Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3354 and CVE-2013-3355. | |||||
| CVE-2013-2268 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2017-09-19 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue." | |||||
| CVE-2017-2424 | 1 Apple | 2 Iphone Os, Safari | 2017-09-19 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves mishandling of OpenGL shaders in the "WebKit" component. It allows remote attackers to obtain sensitive information from process memory via a crafted web site. | |||||
| CVE-2013-3357 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2017-09-19 | 10.0 HIGH | N/A |
| Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3358. | |||||
| CVE-2013-3358 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2017-09-19 | 10.0 HIGH | N/A |
| Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3357. | |||||