National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:apple:mac_os_x:10.6.5
There are 2,734 matching records.
Displaying matches 1441 through 1460.
Vuln ID Summary CVSS Severity
CVE-2015-5312

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.

Published: December 15, 2015; 04:59:00 PM -05:00
    V2: 7.1 HIGH
CVE-2015-7804

Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive.

Published: December 11, 2015; 07:00:12 AM -05:00
    V2: 6.8 MEDIUM
CVE-2015-7803

The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist.

Published: December 11, 2015; 07:00:11 AM -05:00
    V2: 6.8 MEDIUM
CVE-2015-7112

The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111.

Published: December 11, 2015; 07:00:09 AM -05:00
    V2: 9.3 HIGH
CVE-2015-7111

The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7112.

Published: December 11, 2015; 07:00:08 AM -05:00
    V2: 9.3 HIGH
CVE-2015-7110

The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.

Published: December 11, 2015; 07:00:07 AM -05:00
    V2: 6.9 MEDIUM
CVE-2015-7109

IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: December 11, 2015; 07:00:06 AM -05:00
    V2: 9.3 HIGH
CVE-2015-7108

The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Published: December 11, 2015; 07:00:05 AM -05:00
    V2: 7.2 HIGH
CVE-2015-7107

QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.

Published: December 11, 2015; 07:00:04 AM -05:00
    V2: 6.8 MEDIUM
CVE-2015-7106

The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Published: December 11, 2015; 07:00:03 AM -05:00
    V2: 7.2 HIGH
CVE-2015-7105

CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

Published: December 11, 2015; 07:00:02 AM -05:00
    V2: 6.8 MEDIUM
CVE-2015-7094

CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL.

Published: December 11, 2015; 06:59:51 AM -05:00
    V2: 2.6 LOW
CVE-2015-7084

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.

Published: December 11, 2015; 06:59:49 AM -05:00
    V2: 7.2 HIGH
CVE-2015-7083

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.

Published: December 11, 2015; 06:59:48 AM -05:00
    V2: 7.2 HIGH
CVE-2015-7081

iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Published: December 11, 2015; 06:59:46 AM -05:00
    V2: 5.0 MEDIUM
CVE-2015-7078

Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects.

Published: December 11, 2015; 06:59:43 AM -05:00
    V2: 7.2 HIGH
CVE-2015-7077

The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors.

Published: December 11, 2015; 06:59:42 AM -05:00
    V2: 7.2 HIGH
CVE-2015-7076

The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

Published: December 11, 2015; 06:59:41 AM -05:00
    V2: 7.2 HIGH
CVE-2015-7075

CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.

Published: December 11, 2015; 06:59:40 AM -05:00
    V2: 6.8 MEDIUM
CVE-2015-7074

CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.

Published: December 11, 2015; 06:59:40 AM -05:00
    V2: 6.8 MEDIUM