Apple

macOS X

3207 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2015-7061

  • EPSS 1.37%
  • Published 11.12.2015 11:59:27
  • Last modified 12.04.2025 10:46:40

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2...

4.6

CVE-2015-7062

  • EPSS 0.06%
  • Published 11.12.2015 11:59:27
  • Last modified 12.04.2025 10:46:40

Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors.

6.8

CVE-2015-7060

  • EPSS 1.37%
  • Published 11.12.2015 11:59:26
  • Last modified 12.04.2025 10:46:40

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2...

4.3

CVE-2015-7058

  • EPSS 0.52%
  • Published 11.12.2015 11:59:24
  • Last modified 12.04.2025 10:46:40

Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app.

6.8

CVE-2015-7059

  • EPSS 1.37%
  • Published 11.12.2015 11:59:24
  • Last modified 12.04.2025 10:46:40

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2...

6.8

CVE-2015-7054

  • EPSS 1.14%
  • Published 11.12.2015 11:59:20
  • Last modified 12.04.2025 10:46:40

zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafte...

6.8

CVE-2015-7053

  • EPSS 3.4%
  • Published 11.12.2015 11:59:19
  • Last modified 12.04.2025 10:46:40

ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.

7.2

CVE-2015-7052

  • EPSS 0.05%
  • Published 11.12.2015 11:59:18
  • Last modified 12.04.2025 10:46:40

kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors.

7.2

CVE-2015-7047

  • EPSS 0.75%
  • Published 11.12.2015 11:59:12
  • Last modified 12.04.2025 10:46:40

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.

2.6

CVE-2015-7046

  • EPSS 0.74%
  • Published 11.12.2015 11:59:11
  • Last modified 12.04.2025 10:46:40

The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with r...