Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-8129 | 6.8 |
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the
|
13-02-2023 - 00:43 | 12-03-2018 - 02:29 | |
CVE-2014-8127 | 4.3 |
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tif
|
13-02-2023 - 00:43 | 26-06-2017 - 15:29 | |
CVE-2015-3717 | 7.5 |
Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
|
20-11-2020 - 19:03 | 03-07-2015 - 02:00 | |
CVE-2014-8130 | 4.3 |
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteS
|
05-04-2018 - 21:07 | 12-03-2018 - 02:29 | |
CVE-2015-3711 | 4.3 |
The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3702 | 7.2 |
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-201
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3699 | 7.2 |
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3700, CVE-201
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3718 | 6.8 |
systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app,
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3688 | 6.8 |
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3672 | 7.2 |
Admin Framework in Apple OS X before 10.10.4 does not properly handle authentication errors, which allows local users to obtain admin privileges via unspecified vectors.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3709 | 6.9 |
Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation.
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3687 | 6.8 |
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3682 | 6.8 |
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-20
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3716 | 4.4 |
Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library.
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3708 | 8.8 |
kextd in kext tools in Apple OS X before 10.10.4 allows attackers to write to arbitrary files via a crafted app that conducts a symlink attack. <a href="https://cwe.mitre.org/data/definitions/61.html">CWE-61: UNIX Symbolic Link (Symlink) Following</a
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3686 | 6.8 |
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3704 | 9.3 |
runner in Install.framework in the Install Framework Legacy subsystem in Apple OS X before 10.10.4 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3696 | 7.2 |
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-201
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3677 | 4.3 |
The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3712 | 9.3 |
The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app.
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3701 | 7.2 |
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-201
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3719 | 6.8 |
TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3714 | 5.0 |
Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app.
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3683 | 9.3 |
The Bluetooth HCI interface implementation in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3675 | 5.0 |
The default configuration of the Apache HTTP Server on Apple OS X before 10.10.4 does not enable the mod_hfs_apple module, which allows remote attackers to bypass HTTP authentication via a crafted URL.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3691 | 9.3 |
The Monitor Control Command Set kernel extension in the Display Drivers subsystem in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages control of a function pointer.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3685 | 6.8 |
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3679 | 6.8 |
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3680, CVE-2015-3681, and CVE-20
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3710 | 4.3 |
Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3706 | 9.3 |
IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3705.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3680 | 6.8 |
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3681, and CVE-20
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3705 | 9.3 |
IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3706.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3698 | 7.2 |
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3699, CVE-2015-3700, CVE-201
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3676 | 4.3 |
AppleGraphicsControl in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information via a crafted app.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3721 | 4.3 |
The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3678 | 7.2 |
AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3695 | 7.2 |
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-201
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3684 | 6.8 |
The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3707 | 9.3 |
The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. <a href="http://cwe.mitre.org/data/defi
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3690 | 4.3 |
The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3715 | 6.8 |
The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library.
|
22-09-2017 - 01:29 | 03-07-2015 - 02:00 | |
CVE-2015-3681 | 6.8 |
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-20
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3700 | 7.2 |
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-201
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3689 | 6.8 |
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3674 | 7.5 |
afpserver in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3697 | 7.2 |
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-201
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3671 | 7.2 |
Admin Framework in Apple OS X before 10.10.4 does not properly verify XPC entitlements, which allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3694 | 6.8 |
FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3673 | 7.2 |
Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of writeconfig clients, which allows local users to obtain root privileges by moving and then modifying Directory Utility.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 | |
CVE-2015-3703 | 6.8 |
ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image.
|
22-09-2017 - 01:29 | 03-07-2015 - 01:59 |