Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2015-09-05 CVE-2015-5986 Improper Input Validation vulnerability in multiple products
openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response.
network
isc apple CWE-20
7.1
2015-09-05 CVE-2015-5722 Improper Input Validation vulnerability in multiple products
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.
network
low complexity
isc apple CWE-20
7.8
2015-08-25 CVE-2015-5786 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime
Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-5785.
network
apple CWE-119
6.8
2015-08-25 CVE-2015-5785 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime
Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-5786.
network
apple CWE-119
6.8
2015-08-24 CVE-2015-5566 Unspecified vulnerability in Adobe products
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.
network
low complexity
adobe linux apple microsoft
critical
10.0
2015-08-17 CVE-2015-5784 Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X
runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
network
apple CWE-264
critical
9.3
2015-08-17 CVE-2015-5783 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3770.
network
apple CWE-119
critical
9.3
2015-08-17 CVE-2015-5782 Information Exposure vulnerability in Apple Iphone OS and mac OS X
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.
network
apple CWE-200
4.3
2015-08-17 CVE-2015-5781 Information Exposure vulnerability in Apple Iphone OS and mac OS X
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image.
network
apple CWE-200
4.3
2015-08-17 CVE-2015-5779 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime 7.0
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, and CVE-2015-5753.
network
low complexity
apple CWE-119
7.5