Vulnerabilities > Apple
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-04-10 | CVE-2015-1134 | Improper Input Validation vulnerability in Apple mac OS X fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1135. | 7.2 |
2015-04-10 | CVE-2015-1133 | Improper Input Validation vulnerability in Apple mac OS X fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135. | 7.2 |
2015-04-10 | CVE-2015-1132 | Improper Input Validation vulnerability in Apple mac OS X fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135. | 10.0 |
2015-04-10 | CVE-2015-1131 | Improper Input Validation vulnerability in Apple mac OS X fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135. | 7.2 |
2015-04-10 | CVE-2015-1130 | 7PK - Security Features vulnerability in Apple mac OS X The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors. | 7.2 |
2015-04-10 | CVE-2015-1129 | Cryptographic Issues vulnerability in Apple Iphone OS and Safari Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 does not properly select X.509 client certificates, which makes it easier for remote attackers to track users via a crafted web site. | 4.3 |
2015-04-10 | CVE-2015-1128 | Information Exposure vulnerability in Apple Safari The private-browsing implementation in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 allows attackers to obtain sensitive browsing-history information via vectors involving push-notification requests. | 5.0 |
2015-04-10 | CVE-2015-1127 | Information Exposure vulnerability in Apple Safari The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries. | 2.1 |
2015-04-10 | CVE-2015-1126 | Improper Input Validation vulnerability in Apple Iphone OS and Safari WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors. | 4.3 |
2015-04-10 | CVE-2015-1125 | Code vulnerability in Apple Iphone OS The touch-events implementation in WebKit in Apple iOS before 8.3 allows remote attackers to trigger an association between a tap and an unintended web resource via a crafted web site. | 4.3 |