CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2015-5778 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-5778
13 Aug 2015 — CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5777. Vulnerabilidad en CoreMedia Playback en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de l... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5781 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-5781
13 Aug 2015 — ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image. Vulnerabilidad en ImageIO en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, no inicializa adecuadamente una estructura de datos no especificada, lo que permite a atacantes remotos obtener información sensible de la memoria del proceso a través de una... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 2CVE-2015-5784 – Apple Mac OSX Install.Framework - Arbitrary mkdir / unlink and chown to Admin Group
https://notcve.org/view.php?id=CVE-2015-5784
13 Aug 2015 — runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app. Vulnerabilidad en runner en Install.framework en el componente Install Framework Legacy en Apple OS X en versiones anteriores a 10.10.5, no elimina correctamente los privilegios, lo que permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una aplicació... • https://packetstorm.news/files/id/133549 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3760 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3760
13 Aug 2015 — dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. Vulnerabilidad en dyld en Apple OS X en versiones anteriores a 10.10.5, no valida correctamente los nombre de ruta de acceso en el entorno, lo que permite a usuarios locales obtener privilegios a través de vectores no especificados. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plu... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 4%CPEs: 2EXPL: 0CVE-2015-3765 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3765
13 Aug 2015 — QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. Vulnerabilidad en QuickTime 7 en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3770 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3770
13 Aug 2015 — IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783. Vulnerabilidad en IOGraphisc en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada, una vulnerabilidad diferente a CVE-2015-5783. OS X Yosemite 10.10.5 and Security Update 201... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3777 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3777
13 Aug 2015 — Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages. Vulnerabilidad de desbordamiento de búfer múltiple en blued en el subsistema de Bluetooth en Apple OS X en versiones anteriores a 10.10.5, permite a usuarios locales obtener privilegios a través de mensajes XPC. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBluetoothHCIController, and... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 2EXPL: 0CVE-2015-3779 – Apple Security Advisory 2015-08-13-2
https://notcve.org/view.php?id=CVE-2015-3779
13 Aug 2015 — QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. Vulnerabilidad en QuickTime 7 en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 34%CPEs: 2EXPL: 0CVE-2015-3788 – Apple Security Advisory 2015-08-20-1
https://notcve.org/view.php?id=CVE-2015-3788
13 Aug 2015 — QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. Vulnerabilidad QuickTime 7 en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de se... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 34%CPEs: 2EXPL: 0CVE-2015-3789 – Apple Security Advisory 2015-08-20-1
https://notcve.org/view.php?id=CVE-2015-3789
13 Aug 2015 — QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. Vulnerabilidad en QuickTime 7 en Apple OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •