CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3805 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3805
13 Aug 2015 — Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802. Vulnerabilidad en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a usuarios locales eludir un mecanismo de protección de firma de código a través de un archivo Mach-O manipulado, una vulnerabilidad diferente a CVE-2015-3802. OS X Yosemite 10.10.5 and Security Update 2015-006 is now ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3799 – Apple OS X iCloud Account Authentication Elevation Of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2015-3799
13 Aug 2015 — The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers to change arbitrary user passwords via a crafted app. Vulnerabilidad en el plug-in de Apple ID OD en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes cambiar las contraseñas de usuarios arbitrarios a través de una aplicación manipulada. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple OS X. An attacker must have shell access to exploit this vulnerability, however Guest acc... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-255: Credentials Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3764 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3764
13 Aug 2015 — Notification Center in Apple OS X before 10.10.5 does not properly remove dismissed notifications, which allows attackers to read arbitrary notifications via a crafted app. Vulnerabilidad en el Centro de Notificaciones de Apple OS X en versiones anteriores a 10.10.5, no elimina correctamente las notificaciones rechazadas, lo que permite a atacantes leer notificaciones arbitrarias a través de aplicaciones manipuladas. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabi... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5747 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-5747
13 Aug 2015 — The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial of service (resource consumption) via unspecified vectors. Vulnerabilidad en el driver fasttrap en el kernel de Apple OS X en versiones anteriores a 10.10.5, permite a usuarios locales causar una denegación de servicio (consumo de recursos) a través de vectores no especificados. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBluet... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5748 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5748
13 Aug 2015 — The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume. Vulnerabilidad en el kernel en Apple OS X en versiones anteriores a 10.10.5, no monta adecuadamente volúmenes HFS, lo que permite a usuarios locales causar una denegación de servicio a través de un volumen manipulado. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBluetoothHCICo... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-17: DEPRECATED: Code •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 2CVE-2015-5754 – Apple Mac OSX Install.Framework - SUID Root Runner Binary Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-5754
13 Aug 2015 — Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages incorrect privilege dropping associated with a locking error. Vulnerabilidad de condición de carrera en hilos corriendo en Install.framework en el componente Install Framework Legacy en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes ejecutar código arbitrario en un contexto c... • https://packetstorm.news/files/id/133550 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 5%CPEs: 3EXPL: 0CVE-2015-5755 – Apple Security Advisory 2015-09-16-3
https://notcve.org/view.php?id=CVE-2015-5755
13 Aug 2015 — CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761. Vulnerabilidad en CoreText en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a travé... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0CVE-2015-5756 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-5756
13 Aug 2015 — FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5775. Vulnerabilidad en FontParser en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5757 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-5757
13 Aug 2015 — libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a crafted syscall to interfere with locking. Vulnerabilidad en libpthread en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una ap... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 5%CPEs: 3EXPL: 0CVE-2015-5761 – Apple Security Advisory 2015-09-16-3
https://notcve.org/view.php?id=CVE-2015-5761
13 Aug 2015 — CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755. Vulnerabilidad en CoreText en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a travé... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •