Vulnerabilities > Apple > MAC OS X > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-19 | CVE-2016-1156 | Improper Input Validation vulnerability in Linecorp Line 4.3.0.724/4.3.1 LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displaying a Timeline. | 3.5 |
| 2015-12-11 | CVE-2015-7046 | Information Exposure vulnerability in Apple products The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges. | 2.6 |
| 2015-12-11 | CVE-2015-7067 | Unspecified vulnerability in Apple mac OS X IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to cause a denial of service (NULL pointer dereference) via an unspecified userclient type. | 2.1 |
| 2015-12-11 | CVE-2015-7094 | Improper Input Validation vulnerability in Apple Iphone OS and mac OS X CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL. | 2.6 |
| 2015-11-18 | CVE-2015-8035 | Resource Management Errors vulnerability in multiple products The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data. | 2.6 |
| 2015-11-14 | CVE-2013-5229 | 7PK - Security Features vulnerability in Apple Remote Desktop and mac OS X The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box. | 3.7 |
| 2015-10-23 | CVE-2015-6987 | Improper Input Validation vulnerability in Apple mac OS X The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of service (application crash) via crafted bookmark metadata in a folder. | 2.1 |
| 2015-10-09 | CVE-2015-3785 | Multiple Security vulnerability in Apple Mac OS X Prior to 10.11 The Telephony component in Apple OS X before 10.11, when the Continuity feature is enabled, allows local users to bypass intended telephone-call restrictions via unspecified vectors. local apple | 1.9 |
| 2015-10-09 | CVE-2015-5853 | Information Exposure vulnerability in Apple mac OS X AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet payload data via unspecified vectors. | 3.3 |
| 2015-10-09 | CVE-2015-5854 | Information Exposure vulnerability in Apple mac OS X The backup implementation in Time Machine in Apple OS X before 10.11 allows local users to obtain access to keychain items via unspecified vectors. | 2.1 |