Vulnerabilities > Apple > MAC OS X
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-08-16 | CVE-2015-3781 | Cross-site Scripting vulnerability in Apple mac OS X Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X before 10.10.5 allows remote attackers to inject arbitrary web script or HTML via a previously visited web site that is rendered during a Quick Look search. | 4.3 |
| 2015-08-16 | CVE-2015-3780 | Information Exposure vulnerability in Apple mac OS X The Bluetooth subsystem in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. | 4.3 |
| 2015-08-16 | CVE-2015-3779 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime 7.0.0 QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | 6.8 |
| 2015-08-16 | CVE-2015-3778 | Information Exposure vulnerability in Apple Iphone OS and mac OS X bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic. | 3.3 |
| 2015-08-16 | CVE-2015-3777 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages. | 7.2 |
| 2015-08-16 | CVE-2015-3776 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist. | 9.3 |
| 2015-08-16 | CVE-2015-3775 | Improper Authentication vulnerability in Apple mac OS X Apple OS X before 10.10.5 does not properly implement authentication, which allows local users to obtain admin privileges via unspecified vectors. | 7.2 |
| 2015-08-16 | CVE-2015-3774 | Improper Input Validation vulnerability in Apple mac OS X The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream. | 4.8 |
| 2015-08-16 | CVE-2015-3773 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | 7.5 |
| 2015-08-16 | CVE-2015-3772 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771. | 7.2 |