CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1133 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1133
09 Apr 2015 — fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135. fontd en Apple Type Services (ATS) en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, y CVE-2015-1135. OS X Yosemite 10.10.3 and Security Update 201... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2015-1136 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1136
09 Apr 2015 — Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex. Vulnerabilidad de uso después de liberación en CoreAnimation en Apple OS X anterior a 10.10.3 permite a atacantes remotos ejecutar código arbitrario mediante el aprovechamiento del uso indebido de un mutex. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, information disclosure... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1137 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1137
09 Apr 2015 — The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via an unspecified IOService userclient type. El controlador gráfico de NVIDIA en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios o causar una denegación de servicio (referencia a puntero NULO) a través de un tipo IOService userclient no especificado. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address pr... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1138 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1138
09 Apr 2015 — Hypervisor in Apple OS X before 10.10.3 allows local users to cause a denial of service via unspecified vectors. Hypervisor en Apple OS X anterior a 10.10.3 permite a usuarios locales causar una denegación de servicio a través de vectores no especificados. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, information disclosure, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 1CVE-2015-1139 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1139
09 Apr 2015 — ImageIO in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .sgi file. ImageIO en Apple OS X anterior a 10.10.3 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero .sgi manipulado. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, information disclosure, and various ... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 1CVE-2015-1140 – Apple OS X IOHIDSecurePromptClient Untrusted Pointer Dereference Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1140
09 Apr 2015 — Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors. Desbordamiento de buffer en IOHIDFamily en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de vectores no especificados. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious f... • https://github.com/kpwn/vpwn • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1141 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1141
09 Apr 2015 — The mach_vm_read functionality in the kernel in Apple OS X before 10.10.3 allows local users to cause a denial of service (system crash) via unspecified vectors. La funcionalidad mach_vm_read en el kernel en Apple OS X anterior a 10.10.3 permite a usuarios locales causar una denegación de servicio (caída del sistema) a través de vectores no especificados. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, information disclosure, and various... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1142 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1142
09 Apr 2015 — LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service (Finder crash) via crafted localization data. LaunchServices en Apple OS X anterior a 10.10.3 permite a usuarios locales causar una denegación de servicio (caída de Finder) a través de datos de localización manipulados. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, information disclosure, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1143 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1143
09 Apr 2015 — LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue. LaunchServices en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de una cadena de texto localizada manipulada, relacionado con un problema de 'type confusion'. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, information disclosure, and various other vul... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1144 – Apple Security Advisory 2015-04-08-2
https://notcve.org/view.php?id=CVE-2015-1144
09 Apr 2015 — Buffer overflow in the UniformTypeIdentifiers component in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted Uniform Type Identifier. Desbordamiento de buffer en el componente UniformTypeIdentifiers en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de un Uniform Type Identifier manipulado. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, information disclosure, and various o... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •