CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3766
https://notcve.org/view.php?id=CVE-2015-3766
The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app. Vulnerabilidad en el kernel de Apple iOS en versiones anteriores a 8.4.1 y en OS X en versiones anteriores a 10.10.5, no restringe correctamente la interfaz mach_port_space_info, lo que permite a atacantes obtener información sensible de la estructura de la memoria a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html http://www.securityfocus.com/bid/76343 http://www.securitytracker.com/id/1033275 https://support.apple.com/kb/HT205030 https://support.apple.com/kb/HT205031 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3762
https://notcve.org/view.php?id=CVE-2015-3762
The Text Formats component in Apple OS X before 10.10.5, as used in TextEdit, allows remote attackers to read arbitrary files via a text file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Vulnerabilidad en el componente de Text Formats en Apple OS X en versiones anteriores a 10.10.5, tal como se utiliza en TextEdit, permite a atacantes remotos leer archivos arbitrariamente a través de un fichero de texto que contiene una declaración de entidad externa XML junto con una referencia a entidad, relacionado con un XML External Entity (XEE). • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://www.securityfocus.com/bid/76340 http://www.securitytracker.com/id/1033276 https://support.apple.com/kb/HT205031 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 0CVE-2015-5756
https://notcve.org/view.php?id=CVE-2015-5756
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5775. Vulnerabilidad en FontParser en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un archivo font manipulado, una vulnerabilidad diferente a CVE-2015-3804 y CVE-2015-5775. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html http://www.securityfocus.com/bid/76343 http://www.securitytracker.com/id/1033275 https://support.apple.com/kb/HT205030 https://support.apple.com/kb/HT205031 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3771
https://notcve.org/view.php?id=CVE-2015-3771
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3772. Vulnerabilidad en IOFireWireFamily en Apple OS X en versiones anteriores a 10.10.5, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-3769 y CVE-2015-3772. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://www.securityfocus.com/bid/76340 http://www.securitytracker.com/id/1033276 https://support.apple.com/kb/HT205031 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 1%CPEs: 5EXPL: 0CVE-2015-3807
https://notcve.org/view.php?id=CVE-2015-3807
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document. Vulnerabilidad en libxml2 en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos obtener información sensible de la memoria del proceso o causar una denegación de servicio (corrupción de memoria) a través de un documento XML manipulado. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html http://www.securityfocus.com/bid/76343 http://www.securitytracker.com/id/1033275 https://support.apple.com/HT205635 https:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •