U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:apple:mac_os_x:10.2.0
There are 1,971 matching records.
Displaying matches 1,421 through 1,440.
Vuln ID Summary CVSS Severity
CVE-2015-5781

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image.

Published: August 16, 2015; 8:01:06 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-5779

QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, and CVE-2015-5753.

Published: August 16, 2015; 8:01:04 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-5778

CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5777.

Published: August 16, 2015; 8:01:03 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5777

CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5778.

Published: August 16, 2015; 8:01:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5776

Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.

Published: August 16, 2015; 8:00:59 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-5775

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.

Published: August 16, 2015; 8:00:58 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-5774

Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.

Published: August 16, 2015; 8:00:57 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2015-5773

QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted office document.

Published: August 16, 2015; 8:00:55 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5772

Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code via a crafted Collada file.

Published: August 16, 2015; 8:00:54 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5771

Quartz Composer Framework in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted QuickTime file.

Published: August 16, 2015; 8:00:52 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5768

AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

Published: August 16, 2015; 8:00:48 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-5763

ntfs in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Published: August 16, 2015; 8:00:45 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2015-5761

CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.

Published: August 16, 2015; 8:00:44 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5758

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.

Published: August 16, 2015; 8:00:41 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5757

libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a crafted syscall to interfere with locking.

Published: August 16, 2015; 8:00:39 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2015-5756

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5775.

Published: August 16, 2015; 8:00:38 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5755

CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.

Published: August 16, 2015; 8:00:36 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5754

Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages incorrect privilege dropping associated with a locking error.

Published: August 16, 2015; 8:00:35 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2015-5751

QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5753, and CVE-2015-5779.

Published: August 16, 2015; 8:00:31 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5750

Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted series of Unicode characters.

Published: August 16, 2015; 8:00:29 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH