CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7760
https://notcve.org/view.php?id=CVE-2015-7760
09 Oct 2015 — libxpc in launchd in Apple OS X before 10.11 does not restrict the creation of processes for network connections, which allows remote attackers to cause a denial of service (resource consumption) by repeatedly connecting to the SSH port, a different vulnerability than CVE-2015-7761. libxpc en launchd en Apple OS X en versiones anteriores a 10.11 no restringe la creación de procesos para conexiones de red, lo que permite a atacantes remotos causar una denegación de servicio (consumo de recursos) conectando r... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3785 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-3785
01 Oct 2015 — The Telephony component in Apple OS X before 10.11, when the Continuity feature is enabled, allows local users to bypass intended telephone-call restrictions via unspecified vectors. El componente Telephony en Apple OS X en versiones anteriores a 10.11, cuando la funcionalidad Continuity está habilitada, permite a usuarios locales eludir las restricciones destinadas a llamadas telefónicas a través de vectores no especificados. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5830 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5830
01 Oct 2015 — The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5877. El componente Intel Graphics Driver en Apple OS X en versiones anteriores 10.11 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5877. OS X El Capitan 1... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5833 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5833
01 Oct 2015 — The Login Window component in Apple OS X before 10.11 does not ensure that the screen is locked at the intended time, which allows physically proximate attackers to obtain access by visiting an unattended workstation. El componente Login Window en Apple OS X en versiones anteriores a 10.11 no asegura que la pantalla esté bloqueada el tiempo previsto, lo que permite a atacantes físicamente próximos obtener acceso visitando una estación de trabajo desatendida. OS X El Capitan 10.11 is now available and addres... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-254: 7PK - Security Features •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5836 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5836
01 Oct 2015 — Apple Online Store Kit in Apple OS X before 10.11 improperly validates iCloud keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app. Apple Online Store Kit en Apple OS X en versiones anteriores a 10.11 valida de manera incorrecta el elemento ACLs del llavero, lo que permite a atacantes obtener acceso a elementos del llavero a través de una app manipulada. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releas... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5849 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5849
01 Oct 2015 — The filtering implementation in AppleEvents in Apple OS X before 10.11 mishandles attempts to send events to a different user, which allows attackers to bypass intended access restrictions by leveraging a screen-sharing connection. La implementación de filtrado en AppleEvents en Apple OS X en versiones anterioes a 10.11 no maneja correctamente los intentos de enviar eventos a un usuario diferente, lo que permite a atacantes eludir las restricciones destinadas al acceso aprovechando una conexión de pantalla ... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5853 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5853
01 Oct 2015 — AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet payload data via unspecified vectors. AirScan en Apple OS X en versiones anteriores a 10.11 permite a atacantes man-in-the-middle obtener los datos del payload del paquete eSCL a través de vectores no especificados. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5854 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5854
01 Oct 2015 — The backup implementation in Time Machine in Apple OS X before 10.11 allows local users to obtain access to keychain items via unspecified vectors. La implementación de copia de respaldo en Time Machine en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales obtener acceso a los elementos del llavero a través de vectores no especificados. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5864 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5864
01 Oct 2015 — IOAudioFamily in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. IOAudioFamily en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales obtener información sensible de la estructura de memoria del kernel a través de vectores no especificados. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5865 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5865
01 Oct 2015 — IOGraphics in Apple OS X before 10.11 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. IOGraphics en Apple OS X en versiones anteriores a 10.11 permite a atacantes obtener información sensible de la estructura de memoria del kernel a través de una app manipulada. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •