CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-6983
https://notcve.org/view.php?id=CVE-2015-6983
21 Oct 2015 — Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors. Vulnerabilidad de liberación doble en Apple iOS en versiones anteriores a 9.1 y OS X en versiones anteriores a 10.11.1 permite a atacantes escribir en archivos arbitrarios a través de una aplicación manipulada que accede a descriptores AtomicBufferedFile. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html •
CVSS: 10.0EPSS: 4%CPEs: 2EXPL: 0CVE-2015-6988
https://notcve.org/view.php?id=CVE-2015-6988
21 Oct 2015 — The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement. El kernel en Apple iOS en versiones anteriores a 9.1 y OS X en versiones anteriores a 10.11.1 no inicializa una estructura de datos no especificada, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores que involucran un requisito network-connectivit... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-6989
https://notcve.org/view.php?id=CVE-2015-6989
21 Oct 2015 — Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls. Grand Central Dispatch en Apple iOS en versiones anteriores a 9.1, OS X en versiones anteriores a 10.11.1 y watchOS en versiones anteriores a 2.0.1 permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a tra... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2015-6990
https://notcve.org/view.php?id=CVE-2015-6990
21 Oct 2015 — FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018. FontParser en Apple iOS en versiones anteriores a 9.1 y OS X en versiones anteriores a 10.11.1 permite a atacantes remotos ejecutar código arbitrario o provoca... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2015-6991
https://notcve.org/view.php?id=CVE-2015-6991
21 Oct 2015 — FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018. FontParser en Apple iOS en versiones anteriores a 9.1 y OS X en versiones anteriores a 10.11.1 permite a atacantes remotos ejecutar código arbitrario o provoca... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 3EXPL: 0CVE-2015-6992
https://notcve.org/view.php?id=CVE-2015-6992
21 Oct 2015 — CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-7017. CoreText en Apple iOS en versiones anteriores a 9.1, OS X en versiones anteriores a 10.11.1 y iTunes en versiones anteriores a 12.3.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de me... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 3EXPL: 0CVE-2015-6978 – Apple Safari TTF Out-Of-Bounds Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-6978
21 Oct 2015 — FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018. FontParser en Apple iOS en versiones anteriores a 9.1 y OS X en versiones anteriores a 10.11.1 permite a atacantes remotos ejecutar código arbitrario o provoca... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7760
https://notcve.org/view.php?id=CVE-2015-7760
09 Oct 2015 — libxpc in launchd in Apple OS X before 10.11 does not restrict the creation of processes for network connections, which allows remote attackers to cause a denial of service (resource consumption) by repeatedly connecting to the SSH port, a different vulnerability than CVE-2015-7761. libxpc en launchd en Apple OS X en versiones anteriores a 10.11 no restringe la creación de procesos para conexiones de red, lo que permite a atacantes remotos causar una denegación de servicio (consumo de recursos) conectando r... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7761
https://notcve.org/view.php?id=CVE-2015-7761
09 Oct 2015 — Mail in Apple OS X before 10.11 does not properly recognize user preferences, which allows attackers to obtain sensitive information via an unspecified action during the printing of an e-mail message, a different vulnerability than CVE-2015-7760. Mail en Apple OS X en versiones anteriores a 10.11 no reconoce correctamente las preferencias de usuario, lo que permite a atacantes obtener información sensible a través de una acción no especificada durante la impresión de un mensaje de correo electrónico, una vu... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5849
https://notcve.org/view.php?id=CVE-2015-5849
09 Oct 2015 — The filtering implementation in AppleEvents in Apple OS X before 10.11 mishandles attempts to send events to a different user, which allows attackers to bypass intended access restrictions by leveraging a screen-sharing connection. La implementación de filtrado en AppleEvents en Apple OS X en versiones anterioes a 10.11 no maneja correctamente los intentos de enviar eventos a un usuario diferente, lo que permite a atacantes eludir las restricciones destinadas al acceso aprovechando una conexión de pantalla ... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-264: Permissions, Privileges, and Access Controls •