Search Results (Refine Search)
- CPE Product Version: cpe:/o:apple:mac_os_x:10.5.6
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-3782 |
CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app. Published: August 16, 2015; 7:59:55 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-3781 |
Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X before 10.10.5 allows remote attackers to inject arbitrary web script or HTML via a previously visited web site that is rendered during a Quick Look search. Published: August 16, 2015; 7:59:54 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-3780 |
The Bluetooth subsystem in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Published: August 16, 2015; 7:59:53 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-3779 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. Published: August 16, 2015; 7:59:52 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-3778 |
bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic. Published: August 16, 2015; 7:59:51 PM -0400 |
V3.x:(not available) V2.0: 3.3 LOW |
CVE-2015-3777 |
Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages. Published: August 16, 2015; 7:59:49 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2015-3776 |
IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist. Published: August 16, 2015; 7:59:49 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2015-3775 |
Apple OS X before 10.10.5 does not properly implement authentication, which allows local users to obtain admin privileges via unspecified vectors. Published: August 16, 2015; 7:59:48 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2015-3774 |
The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream. Published: August 16, 2015; 7:59:47 PM -0400 |
V3.x:(not available) V2.0: 4.8 MEDIUM |
CVE-2015-3773 |
The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. Published: August 16, 2015; 7:59:46 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-3772 |
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771. Published: August 16, 2015; 7:59:45 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2015-3771 |
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3772. Published: August 16, 2015; 7:59:44 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2015-3770 |
IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783. Published: August 16, 2015; 7:59:43 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2015-3769 |
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3771 and CVE-2015-3772. Published: August 16, 2015; 7:59:42 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2015-3768 |
Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls. Published: August 16, 2015; 7:59:41 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2015-3767 |
udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image. Published: August 16, 2015; 7:59:40 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2015-3766 |
The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app. Published: August 16, 2015; 7:59:39 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-3765 |
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. Published: August 16, 2015; 7:59:38 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-3764 |
Notification Center in Apple OS X before 10.10.5 does not properly remove dismissed notifications, which allows attackers to read arbitrary notifications via a crafted app. Published: August 16, 2015; 7:59:37 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-3762 |
The Text Formats component in Apple OS X before 10.10.5, as used in TextEdit, allows remote attackers to read arbitrary files via a text file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Published: August 16, 2015; 7:59:35 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |