Apple

macOS X

3207 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2015-3666

  • EPSS 3.24%
  • Published 03.07.2015 01:59:24
  • Last modified 12.04.2025 10:46:40

QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability t...

6.8

CVE-2015-3663

  • EPSS 3.24%
  • Published 03.07.2015 01:59:22
  • Last modified 12.04.2025 10:46:40

QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability t...

6.8

CVE-2015-3662

  • EPSS 3.24%
  • Published 03.07.2015 01:59:21
  • Last modified 12.04.2025 10:46:40

QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability t...

6.8

CVE-2015-3661

  • EPSS 3.24%
  • Published 03.07.2015 01:59:20
  • Last modified 12.04.2025 10:46:40

QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability t...

6.8

CVE-2015-3659

  • EPSS 1.11%
  • Published 03.07.2015 01:59:18
  • Last modified 12.04.2025 10:46:40

The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows re...

6.8

CVE-2015-3658

  • EPSS 0.27%
  • Published 03.07.2015 01:59:17
  • Last modified 12.04.2025 10:46:40

The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, w...

5

CVE-2015-4148

Exploit
  • EPSS 16.94%
  • Published 09.06.2015 18:59:10
  • Last modified 12.04.2025 10:46:40

The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted seria...

7.5

CVE-2015-4147

Exploit
  • EPSS 50.79%
  • Published 09.06.2015 18:59:09
  • Last modified 12.04.2025 10:46:40

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serial...

7.5

CVE-2015-4026

Exploit
  • EPSS 10.31%
  • Published 09.06.2015 18:59:08
  • Last modified 12.04.2025 10:46:40

The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files wi...

7.5

CVE-2015-4025

  • EPSS 6.08%
  • Published 09.06.2015 18:59:07
  • Last modified 12.04.2025 10:46:40

PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with...