Vulnerabilities > Apple > MAC OS X > 10.3.5

DATE CVE VULNERABILITY TITLE RISK
2015-10-09 CVE-2015-5865 Information Exposure vulnerability in Apple mac OS X
IOGraphics in Apple OS X before 10.11 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
network
apple CWE-200
4.3
2015-10-09 CVE-2015-5864 Information Exposure vulnerability in Apple mac OS X
IOAudioFamily in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.
local
low complexity
apple CWE-200
2.1
2015-10-09 CVE-2015-5854 Information Exposure vulnerability in Apple mac OS X
The backup implementation in Time Machine in Apple OS X before 10.11 allows local users to obtain access to keychain items via unspecified vectors.
local
low complexity
apple CWE-200
2.1
2015-10-09 CVE-2015-5853 Information Exposure vulnerability in Apple mac OS X
AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet payload data via unspecified vectors.
low complexity
apple CWE-200
3.3
2015-10-09 CVE-2015-5849 Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X
The filtering implementation in AppleEvents in Apple OS X before 10.11 mishandles attempts to send events to a different user, which allows attackers to bypass intended access restrictions by leveraging a screen-sharing connection.
network
apple CWE-264
6.8
2015-10-09 CVE-2015-5836 Information Exposure vulnerability in Apple mac OS X
Apple Online Store Kit in Apple OS X before 10.11 improperly validates iCloud keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app.
network
apple CWE-200
4.3
2015-10-09 CVE-2015-5833 7PK - Security Features vulnerability in Apple mac OS X
The Login Window component in Apple OS X before 10.11 does not ensure that the screen is locked at the intended time, which allows physically proximate attackers to obtain access by visiting an unattended workstation.
local
low complexity
apple CWE-254
7.2
2015-10-09 CVE-2015-5830 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5877.
local
low complexity
apple CWE-119
7.2
2015-10-09 CVE-2015-3785 Multiple Security vulnerability in Apple Mac OS X Prior to 10.11
The Telephony component in Apple OS X before 10.11, when the Continuity feature is enabled, allows local users to bypass intended telephone-call restrictions via unspecified vectors.
local
apple
1.9
2015-09-18 CVE-2015-5912 Code vulnerability in Apple Iphone OS and mac OS X
The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger TCP connection attempts to intranet hosts via crafted responses.
network
low complexity
apple CWE-17
5.0