Vulnerabilities > Apple > MAC OS X > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-09-18 | CVE-2015-5842 | Information Exposure vulnerability in Apple Iphone OS, mac OS X and Watchos XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive memory-layout information via unknown vectors. | 2.1 |
| 2015-08-17 | CVE-2015-5748 | Code vulnerability in Apple Iphone OS, mac OS X and Safari The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume. | 2.1 |
| 2015-08-16 | CVE-2015-3757 | Improper Access Control vulnerability in Apple mac OS X Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane. | 2.1 |
| 2015-08-16 | CVE-2015-3778 | Information Exposure vulnerability in Apple Iphone OS and mac OS X bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic. | 3.3 |
| 2015-08-16 | CVE-2015-3787 | Improper Input Validation vulnerability in Apple mac OS X The Bluetooth subsystem in Apple OS X before 10.10.5 allows remote attackers to cause a denial of service via malformed Bluetooth ACL packets. | 3.3 |
| 2015-05-21 | CVE-2015-4000 | Cryptographic Issues vulnerability in multiple products The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. | 3.7 |
| 2015-04-10 | CVE-2015-1096 | Information Exposure vulnerability in Apple Iphone OS, mac OS X and Tvos IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. | 1.9 |
| 2015-04-10 | CVE-2015-1142 | Improper Input Validation vulnerability in Apple mac OS X LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service (Finder crash) via crafted localization data. | 2.1 |
| 2015-04-10 | CVE-2015-1145 | Cryptographic Issues vulnerability in Apple mac OS X The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146. | 1.9 |
| 2015-04-10 | CVE-2015-1146 | Cryptographic Issues vulnerability in Apple mac OS X The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145. | 1.9 |