CVSS: 7.1EPSS: 9%CPEs: 3EXPL: 0CVE-2015-1102 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1102
09 Apr 2015 — The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors. El kernel en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 no maneja correctamente las cabeceras TCP, lo que permite a atacantes man-in-the-middle causar una denegación de servicio a través de vectores no especificados. OS X Yosemite 10.10.3 and Security ... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2015-1136 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1136
09 Apr 2015 — Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex. Vulnerabilidad de uso después de liberación en CoreAnimation en Apple OS X anterior a 10.10.3 permite a atacantes remotos ejecutar código arbitrario mediante el aprovechamiento del uso indebido de un mutex. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, information disclosure... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1118 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1118
09 Apr 2015 — libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile. libnetcore en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 permite a atacantes causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un perfil de configuración manipulado. OS X Yosemite 10.10.3 and Security Update 2015-004 a... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1132 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1132
09 Apr 2015 — fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135. fontd en Apple Type Services (ATS) en Apple OS X anterior a 10.10.3permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, y CVE-2015-1135. OS X Yosemite 10.10.3 and Security Update 2015... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1095 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1095
09 Apr 2015 — IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HID device. IOHIDFamily en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 permite a atacantes físicamente próximos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un dispositivo HID manipulado. OS X Yosemite 10... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1137 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1137
09 Apr 2015 — The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via an unspecified IOService userclient type. El controlador gráfico de NVIDIA en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios o causar una denegación de servicio (referencia a puntero NULO) a través de un tipo IOService userclient no especificado. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address pr... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1143 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1143
09 Apr 2015 — LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue. LaunchServices en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de una cadena de texto localizada manipulada, relacionado con un problema de 'type confusion'. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, information disclosure, and various other vul... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1146 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1146
09 Apr 2015 — The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145. La implentación Code Signing en Apple OS X anterior a 10.10.3 no valida correctamente las firmas, lo que permite a usuarios locales evadir las restricciones de acceso a través de un paquete manipulado, una vulnerabilidad diferente a CVE-2015-1145. OS X Yosemite 10.10.3 and Securi... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1133 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1133
09 Apr 2015 — fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135. fontd en Apple Type Services (ATS) en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, y CVE-2015-1135. OS X Yosemite 10.10.3 and Security Update 201... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1131 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1131
09 Apr 2015 — fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135. fontd en Apple Type Services (ATS) en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, y CVE-2015-1135. OS X Yosemite 10.10.3 and Security Update 201... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •