Apple

macOS X

3207 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2015-7500

  • EPSS 4.25%
  • Veröffentlicht 15.12.2015 21:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.

5

CVE-2015-7499

  • EPSS 2.95%
  • Veröffentlicht 15.12.2015 21:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.

7.1

CVE-2015-5312

  • EPSS 1.99%
  • Veröffentlicht 15.12.2015 21:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerab...

6.8

CVE-2015-7804

  • EPSS 20.58%
  • Veröffentlicht 11.12.2015 12:00:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filen...

6.8

CVE-2015-7803

  • EPSS 22.7%
  • Veröffentlicht 11.12.2015 12:00:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry i...

9.3

CVE-2015-7112

  • EPSS 19.67%
  • Veröffentlicht 11.12.2015 12:00:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a differe...

9.3

CVE-2015-7111

  • EPSS 1.73%
  • Veröffentlicht 11.12.2015 12:00:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a differe...

6.9

CVE-2015-7110

  • EPSS 0.18%
  • Veröffentlicht 11.12.2015 12:00:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.

9.3

CVE-2015-7109

  • EPSS 0.87%
  • Veröffentlicht 11.12.2015 12:00:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

7.2

CVE-2015-7108

  • EPSS 0.33%
  • Veröffentlicht 11.12.2015 12:00:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.