Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-11-11 | CVE-2015-7651 | Use After Free Remote Code Execution vulnerability in Adobe Flash Player and AIR APSB15-28 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted DefineFunction atoms, a different vulnerability than CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. | 9.3 |
| 2015-11-05 | CVE-2015-7192 | Code vulnerability in Mozilla Firefox The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X improperly interacts with the implementation of the TABLE element, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using an NSAccessibilityIndexAttribute value to reference a row index. | 7.5 |
| 2015-10-23 | CVE-2015-7023 | Code vulnerability in Apple Iphone OS and mac OS X CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors. | 5.8 |
| 2015-10-23 | CVE-2015-7021 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to gain privileges or cause a denial of service (kernel memory corruption) via unspecified vectors. | 7.2 |
| 2015-10-23 | CVE-2015-7020 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a different vulnerability than CVE-2015-7019. | 5.6 |
| 2015-10-23 | CVE-2015-7019 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a different vulnerability than CVE-2015-7020. | 5.6 |
| 2015-10-23 | CVE-2015-7018 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, and CVE-2015-7010. | 6.8 |
| 2015-10-23 | CVE-2015-7016 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted developer-signed app. | 7.6 |
| 2015-10-23 | CVE-2015-7015 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Watchos Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client. | 6.8 |
| 2015-10-23 | CVE-2015-7014 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Itunes and Safari WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. | 6.8 |