CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5871 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5871
01 Oct 2015 — IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5872, CVE-2015-5873, and CVE-2015-5890. IOGraphics en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5872, CVE-2015-5873 y CVE-2015-5890. OS... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5872 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5872
01 Oct 2015 — IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5873, and CVE-2015-5890. IOGraphics en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5871, CVE-2015-5873 y CVE-2015-5890. OS... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5873 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5873
01 Oct 2015 — IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5872, and CVE-2015-5890. IOGraphics en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5871, CVE-2015-5872 y CVE-2015-5890. OS... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5875 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5875
01 Oct 2015 — Cross-site scripting (XSS) vulnerability in Notes in Apple OS X before 10.11 allows local users to inject arbitrary web script or HTML via crafted text. Vulnerabilidad de XSS en Notes en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales inyectar secuencias de comandos web o HTML arbitrarios a través de un texto manipulado. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5877 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5877
01 Oct 2015 — The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5830. El componente Intel Graphics Driver en Apple OS X en versiones anteriores a 10.11 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5830. OS X El Capitan 1... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5878 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5878
01 Oct 2015 — Notes in Apple OS X before 10.11 misparses links, which allows local users to obtain sensitive information via unspecified vectors. Notes en Apple OS X en versiones anteriores a 10.11 no analiza links, lo que permite a usuarios locales obtener información sensible a través de vectores no especificados. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5913 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5913
01 Oct 2015 — Heimdal, as used in Apple OS X before 10.11, allows remote attackers to conduct replay attacks against the SMB server via packet data that represents a Kerberos authenticated request. Heimdal, tal como se utiliza en Apple OS X en versiones anteriores a 10.11, permite a atacantes remotos llevar a cabo ataques de repetición contra el servidor SMB a través de datos en un paquete que representan una petición de autenticación Kerberos. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabili... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-284: Improper Access Control •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5914 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5914
01 Oct 2015 — The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a "Thunderstrike" issue. NOTE: this issue exists because of an incomplete fix for CVE-2014-4498. El componente EFI en Apple OS X en versiones anteriores a 10.11 permite a atacantes físicamente próximos modificar el firmware durante el proceso de actualización de EFI insertando un adaptado... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-17: DEPRECATED: Code •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5915 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5915
01 Oct 2015 — Apple OS X before 10.11 does not ensure that the keychain's lock state is displayed correctly, which has unspecified impact and attack vectors. Apple OS X en versiones anteriores a 10.11 no asegura que el estado de bloqueo del llavero se muestre correctamente, lo que tiene un impacto y vectores de ataque no especificados. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-17: DEPRECATED: Code •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 1CVE-2015-5917 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5917
01 Oct 2015 — The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X before 10.11, allows remote attackers to cause a denial of service (memory consumption and daemon outage) via a STAT command containing a crafted pattern, as demonstrated by multiple instances of the {..,..,..}/* substring. La implementación de glob en tnftpd (anteriormente lukemftpd), tal como se utiliza en Apple OS X en versiones anteriores a 10.11 permite a atacantes remotos provocar una denegación de servicio (corrupción de me... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •