Vulnerabilities > Apple > MAC OS X > 10.3

DATE CVE VULNERABILITY TITLE RISK
2015-12-11 CVE-2015-7094 Improper Input Validation vulnerability in Apple Iphone OS and mac OS X
CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL.
network
high complexity
apple CWE-20
2.6
2015-12-11 CVE-2015-7084 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.
local
low complexity
apple CWE-119
7.2
2015-12-11 CVE-2015-7083 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.
local
low complexity
apple CWE-119
7.2
2015-12-11 CVE-2015-7081 Unspecified vulnerability in Apple Iphone OS and mac OS X
iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
network
low complexity
apple
5.0
2015-12-11 CVE-2015-7078 Unspecified vulnerability in Apple mac OS X
Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects.
local
low complexity
apple
7.2
2015-12-11 CVE-2015-7077 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors.
local
low complexity
apple CWE-119
7.2
2015-12-11 CVE-2015-7076 Unspecified vulnerability in Apple mac OS X
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
local
low complexity
apple
7.2
2015-12-11 CVE-2015-7075 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
network
apple CWE-119
6.8
2015-12-11 CVE-2015-7074 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
network
apple CWE-119
6.8
2015-12-11 CVE-2015-7073 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake.
network
apple CWE-119
6.8