Vulnerabilities > Apple > MAC OS X > 10.5.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-08-16 | CVE-2015-3768 | Numeric Errors vulnerability in Apple Iphone OS and mac OS X Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls. | 9.3 |
2015-08-16 | CVE-2015-3767 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image. | 7.2 |
2015-08-16 | CVE-2015-3766 | Information Exposure vulnerability in Apple Iphone OS and mac OS X The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app. | 4.3 |
2015-08-16 | CVE-2015-3764 | Information Exposure vulnerability in Apple mac OS X Notification Center in Apple OS X before 10.10.5 does not properly remove dismissed notifications, which allows attackers to read arbitrary notifications via a crafted app. | 4.3 |
2015-08-16 | CVE-2015-3762 | Information Exposure vulnerability in Apple mac OS X The Text Formats component in Apple OS X before 10.10.5, as used in TextEdit, allows remote attackers to read arbitrary files via a text file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 5.0 |
2015-08-16 | CVE-2015-3761 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. | 7.2 |
2015-08-16 | CVE-2015-3760 | Improper Input Validation vulnerability in Apple mac OS X dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. | 7.2 |
2015-08-16 | CVE-2015-3757 | Improper Access Control vulnerability in Apple mac OS X Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane. | 2.1 |
2015-08-16 | CVE-2013-7422 | Numeric Errors vulnerability in multiple products Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regular expression. | 7.5 |
2015-08-14 | CVE-2015-1819 | Resource Management Errors vulnerability in multiple products The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. | 5.0 |