CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3710 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-3710
01 Jul 2015 — Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message. Mail en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos provocar una operación de actualización, y como consecuencia causar una visita a un sitio web arbitrario, a través de un mensaje de email HTML manipulado. OS X Yosemite 10.10.4 and Security Update 2015-005 are now available ... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-254: 7PK - Security Features •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3708 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-3708
01 Jul 2015 — kextd in kext tools in Apple OS X before 10.10.4 allows attackers to write to arbitrary files via a crafted app that conducts a symlink attack. kextd en kext tools en Apple OS X anterior a 10.10.4 permite a atacantes escribir en ficheros arbitrarios a través de una aplicación manipulada que realiza un ataque de enlace simbólico. OS X Yosemite 10.10.4 and Security Update 2015-005 are now available and address privilege escalation, arbitrary code execution, access bypass, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html •
CVSS: 8.8EPSS: 5%CPEs: 2EXPL: 0CVE-2015-3685 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-3685
01 Jul 2015 — CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689. CoreText en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero de texto manipulado, una vulnerabil... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 10%CPEs: 1EXPL: 0CVE-2015-3680 – Apple OS X DFont FOND Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-3680
01 Jul 2015 — Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3681, and CVE-2015-3682. Apple Type Services (ATS) en Apple OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero manipulado, una vulnerabilidad diferente a CVE-2015-3679... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 35%CPEs: 2EXPL: 0CVE-2015-3669 – Apple QuickTime SGI Image File Heap Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-3669
01 Jul 2015 — QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3664 and CVE-2015-3665. QT Media Foundation en Apple QuickTime anterior a 7.7.7 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero manipulado, una vulnerabilidad diferente a CVE-2015-3664 y CVE-2015-3665. This vuln... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00005.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 5%CPEs: 2EXPL: 0CVE-2015-3689 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-3689
01 Jul 2015 — CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688. CoreText en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero de texto manipulado, una vulnerabil... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3696 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-3696
01 Jul 2015 — Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702. Desbordamiento de buffer en Intel Graphics Driver en Apple OS X anterior a 10.10.4 permite a usuarios locales ganar privilegios a través de vectores no especificados, un a vulnerabilidad diferente a CVE-2015-3695, CVE-2015-3697, CVE-20... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3702 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-3702
01 Jul 2015 — Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3701. Desbordamiento de buffer en Intel Graphics Driver en Apple OS X anterior a 10.10.4 permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-3695, CVE-2015-3696, CVE-201... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3720 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-3720
01 Jul 2015 — The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app. El kernel en Apple OS X anterior a 10.10.4 no maneja correctamente la memoria en las APIs de extensión del kernel, lo que permite a atacantes obtener información sensible de la estructura de la memoria a través de una aplicación manipulada. OS X Yosemite 10.10.4 and Security Update 2015-005 are now available and address priv... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3675 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-3675
01 Jul 2015 — The default configuration of the Apache HTTP Server on Apple OS X before 10.10.4 does not enable the mod_hfs_apple module, which allows remote attackers to bypass HTTP authentication via a crafted URL. La configuración por defecto en Apache HTTP Server en Apple OS X anterior a 10.10.4 no habilita el módulo mod_hfs_apple, lo que permite a atacantes remotos evadir la autenticación HTTP a través de una URL manipulada. OS X Yosemite 10.10.4 and Security Update 2015-005 are now available and address privilege es... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html • CWE-284: Improper Access Control •