CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3800 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3800
13 Aug 2015 — The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image. Vulnerabilidad en el componente DiskImages en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de una imagen DMG mal formada.... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3761 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3761
13 Aug 2015 — The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. Vulnerabilidad en el kernel de Apple OS X en versiones anteriores a 10.10.5, no valida correctamente los nombres de ruta de acceso en el entorno, lo que permite a usuarios locales obtener privilegios a través de vectores no especificados. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.1EPSS: 1%CPEs: 5EXPL: 0CVE-2015-3807 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-3807
13 Aug 2015 — libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document. Vulnerabilidad en libxml2 en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos obtener información sensible de la memoria del proceso o causar una denegación de servicio (corrupción de memoria) a través de un documento XML manipulado. OS X... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3775 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3775
13 Aug 2015 — Apple OS X before 10.10.5 does not properly implement authentication, which allows local users to obtain admin privileges via unspecified vectors. Vulnerabilidad en Apple OS X en versiones anteriores a 10.10.5, no implementa adecuadamente la autenticación, lo que permite a usuarios locales obtener privilegios de administrador a través de vectores no especificados. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBluetoothHCIContro... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3782 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3782
13 Aug 2015 — CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app. Vulnerabilidad en CloudKit en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes acceder a un registro de usuario de iCloud asociado a una sesión previa de login de usuario a través de una aplicación manipulada. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3762 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3762
13 Aug 2015 — The Text Formats component in Apple OS X before 10.10.5, as used in TextEdit, allows remote attackers to read arbitrary files via a text file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Vulnerabilidad en el componente de Text Formats en Apple OS X en versiones anteriores a 10.10.5, tal como se utiliza en TextEdit, permite a atacantes remotos leer archivos arbitrariamente a través de un fichero de texto que contiene una... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3787 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3787
13 Aug 2015 — The Bluetooth subsystem in Apple OS X before 10.10.5 allows remote attackers to cause a denial of service via malformed Bluetooth ACL packets. Vulnerabilidad en el subsistema de Bluetooth en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes remotos causar una denegación de servicio a través de paquetes Bluetooth ACL mal formados. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBluetoothHCIController, and more. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3769 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3769
13 Aug 2015 — IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3771 and CVE-2015-3772. Vulnerabilidad en IOFireWireFamily en Apple OS X en versiones anteriores a 10.10.5, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-3771 y CVE-2015-3772... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-3773 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3773
13 Aug 2015 — The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. Vulnerabilidad en el cliente SMB de Apple OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y aplicación caída) a través de vectores no especificados. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3786 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3786
13 Aug 2015 — The Bluetooth subsystem in Apple OS X before 10.10.5 does not properly restrict Notification Center Service access, which allows attackers to read Notification Center notifications of certain paired devices via a crafted app. Vulnerabilidad en el subsistema de Bluetooth en Apple OS X en versiones anteriores a 10.10.5, no restringe adecuadamente acceso al Notification Center Service, lo que permite a atacantes leer notificaciones del Notification Center de ciertos dispositivos vinculados a través de una apli... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •