CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3777 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3777
13 Aug 2015 — Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages. Vulnerabilidad de desbordamiento de búfer múltiple en blued en el subsistema de Bluetooth en Apple OS X en versiones anteriores a 10.10.5, permite a usuarios locales obtener privilegios a través de mensajes XPC. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBluetoothHCIController, and... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 36%CPEs: 2EXPL: 0CVE-2015-3792 – Apple Security Advisory 2015-08-20-1
https://notcve.org/view.php?id=CVE-2015-3792
13 Aug 2015 — QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. Vulnerabilidad en QuickTime 7 en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3803 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3803
13 Aug 2015 — Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file. Vulnerabilidad en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a usuarios locales eludir un mecanismo de protección de firma de código a través de un archivo de arquitectura múltiple ejecutable manipulado. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3780 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3780
13 Aug 2015 — The Bluetooth subsystem in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Vulnerabilidad en el subsistema de Bluetooth en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes obtener información sensible de la estructura de la memoria del kernel a través de una aplicación manipulada. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBluetoothHCIControl... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-3784 – Apple Security Advisory 2015-10-15-1
https://notcve.org/view.php?id=CVE-2015-3784
13 Aug 2015 — Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Vulnerabilidad en Office Viewer en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos leer archivos arbitrarios a través de un documento XML que contiene una declaración de entidad externa ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3757 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3757
13 Aug 2015 — Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane. Vulnerabilidad en Apple OS X en versiones anteriores a 10.10.5, no restringe adecuadamente el acceso al panel de preferencias de Fecha y Hora, lo que permite a usuarios locales falsificar la hora visitando este panel. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBlue... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-284: Improper Access Control •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3806 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3806
13 Aug 2015 — Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file. Vulnerabilidad en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a usuarios locales eludir un mecanismo de protección de firma de código añadiendo código a un archivo ejecutable manipulado. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD pl... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3800 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3800
13 Aug 2015 — The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image. Vulnerabilidad en el componente DiskImages en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de una imagen DMG mal formada.... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3761 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3761
13 Aug 2015 — The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. Vulnerabilidad en el kernel de Apple OS X en versiones anteriores a 10.10.5, no valida correctamente los nombres de ruta de acceso en el entorno, lo que permite a usuarios locales obtener privilegios a través de vectores no especificados. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 4%CPEs: 2EXPL: 0CVE-2015-3765 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3765
13 Aug 2015 — QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. Vulnerabilidad en QuickTime 7 en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •