CVSS: 6.8EPSS: 4%CPEs: 1EXPL: 1CVE-2015-1136
https://notcve.org/view.php?id=CVE-2015-1136
Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex. Vulnerabilidad de uso después de liberación en CoreAnimation en Apple OS X anterior a 10.10.3 permite a atacantes remotos ejecutar código arbitrario mediante el aprovechamiento del uso indebido de un mutex. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://www.securityfocus.com/bid/73982 http://www.securitytracker.com/id/1032048 https://support.apple.com/HT204659 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1132
https://notcve.org/view.php?id=CVE-2015-1132
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135. fontd en Apple Type Services (ATS) en Apple OS X anterior a 10.10.3permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, y CVE-2015-1135. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://www.securityfocus.com/bid/73982 http://www.securitytracker.com/id/1032048 https://support.apple.com/HT204659 • CWE-20: Improper Input Validation •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1142
https://notcve.org/view.php?id=CVE-2015-1142
LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service (Finder crash) via crafted localization data. LaunchServices en Apple OS X anterior a 10.10.3 permite a usuarios locales causar una denegación de servicio (caída de Finder) a través de datos de localización manipulados. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://www.securityfocus.com/bid/73982 http://www.securitytracker.com/id/1032048 https://support.apple.com/HT204659 • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1143
https://notcve.org/view.php?id=CVE-2015-1143
LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue. LaunchServices en Apple OS X anterior a 10.10.3 permite a usuarios locales ganar privilegios a través de una cadena de texto localizada manipulada, relacionado con un problema de 'type confusion'. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://www.securityfocus.com/bid/73982 http://www.securitytracker.com/id/1032048 https://support.apple.com/HT204659 •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 1CVE-2015-1139
https://notcve.org/view.php?id=CVE-2015-1139
ImageIO in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .sgi file. ImageIO en Apple OS X anterior a 10.10.3 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero .sgi manipulado. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://www.securityfocus.com/bid/73982 http://www.securitytracker.com/id/1032048 https://support.apple.com/HT204659 • CWE-20: Improper Input Validation •