Vulnerabilities > Apple > MAC OS X
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-04-10 | CVE-2015-1130 | 7PK - Security Features vulnerability in Apple mac OS X The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors. | 7.2 |
| 2015-04-10 | CVE-2015-1118 | Unspecified vulnerability in Apple Iphone OS, mac OS X and Tvos libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile. | 5.0 |
| 2015-04-10 | CVE-2015-1117 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS, mac OS X and Tvos The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app. | 6.9 |
| 2015-04-10 | CVE-2015-1105 | Improper Input Validation vulnerability in Apple Iphone OS, mac OS X and Tvos The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly implement the Urgent (aka out-of-band data) mechanism, which allows remote attackers to cause a denial of service via crafted packets. | 5.0 |
| 2015-04-10 | CVE-2015-1104 | Improper Input Validation vulnerability in Apple Iphone OS, mac OS X and Tvos The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly determine whether an IPv6 packet had a local origin, which allows remote attackers to bypass an intended network-filtering protection mechanism via a crafted packet. | 5.0 |
| 2015-04-10 | CVE-2015-1103 | Improper Input Validation vulnerability in Apple Iphone OS, mac OS X and Tvos The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a crafted ICMP packet. | 7.5 |
| 2015-04-10 | CVE-2015-1102 | Improper Input Validation vulnerability in Apple Iphone OS, mac OS X and Tvos The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors. | 7.1 |
| 2015-04-10 | CVE-2015-1101 | Unspecified vulnerability in Apple Iphone OS, mac OS X and Tvos The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. local apple | 6.9 |
| 2015-04-10 | CVE-2015-1100 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app. | 5.4 |
| 2015-04-10 | CVE-2015-1099 | Race Condition vulnerability in Apple Iphone OS, mac OS X and Tvos Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service via a crafted app. | 4.0 |