Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X
Subscriptions
Total
5567 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-5917 | 2 Apple, Netbsd | 2 Mac Os X, Tnftpd | 2024-11-21 | N/A |
| The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X before 10.11, allows remote attackers to cause a denial of service (memory consumption and daemon outage) via a STAT command containing a crafted pattern, as demonstrated by multiple instances of the {..,..,..}/* substring. | ||||
| CVE-2015-5915 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| Apple OS X before 10.11 does not ensure that the keychain's lock state is displayed correctly, which has unspecified impact and attack vectors. | ||||
| CVE-2015-5914 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a "Thunderstrike" issue. NOTE: this issue exists because of an incomplete fix for CVE-2014-4498. | ||||
| CVE-2015-5913 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| Heimdal, as used in Apple OS X before 10.11, allows remote attackers to conduct replay attacks against the SMB server via packet data that represents a Kerberos authenticated request. | ||||
| CVE-2015-5912 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | N/A |
| The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger TCP connection attempts to intranet hosts via crafted responses. | ||||
| CVE-2015-5903 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | N/A |
| The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896. | ||||
| CVE-2015-5902 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| The debugging feature in the kernel in Apple OS X before 10.11 mismanages state, which allows local users to cause a denial of service via unspecified vectors. | ||||
| CVE-2015-5901 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash files, which might allow local users to obtain sensitive information by reading storage media, as demonstrated by reading a flash drive. | ||||
| CVE-2015-5900 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| The protected range register in the EFI component in Apple OS X before 10.11 has an incorrect value, which allows attackers to cause a denial of service (boot failure) via a crafted app that writes to an unintended address. | ||||
| CVE-2015-5899 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | N/A |
| libpthread in the kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2015-5897 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| The Address Book framework in Apple OS X before 10.11 allows local users to gain privileges by using an environment variable to inject code into processes that rely on this framework. | ||||
| CVE-2015-5896 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | N/A |
| The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5903. | ||||
| CVE-2015-5894 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate. | ||||
| CVE-2015-5893 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| SMBClient in SMB in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. | ||||
| CVE-2015-5891 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| The SMB implementation in the kernel in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2015-5890 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5872, and CVE-2015-5873. | ||||
| CVE-2015-5889 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| rsh in the remote_cmds component in Apple OS X before 10.11 allows local users to obtain root privileges via vectors involving environment variables. | ||||
| CVE-2015-5888 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| The Install Framework Legacy component in Apple OS X before 10.11 allows local users to obtain root privileges via vectors involving a privileged executable file. | ||||
| CVE-2015-5887 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| The TLS Handshake Protocol implementation in Secure Transport in Apple OS X before 10.11 accepts a Certificate Request message within a session in which no Server Key Exchange message has been sent, which allows remote attackers to have an unspecified impact via crafted TLS data. | ||||
| CVE-2015-5885 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | N/A |
| The CFNetwork Cookies component in Apple iOS before 9 allows remote attackers to track users via vectors involving a cookie for a top-level domain. | ||||