Vulnerabilities > Apple > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-12-11 | CVE-2015-7059 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X, Tvos and Watchos The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061. | 6.8 |
| 2015-12-11 | CVE-2015-7058 | Information Exposure vulnerability in Apple Iphone OS, mac OS X and Tvos Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app. | 4.3 |
| 2015-12-11 | CVE-2015-7057 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049. | 4.6 |
| 2015-12-11 | CVE-2015-7056 | Information Exposure vulnerability in Apple Xcode IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern. | 5.0 |
| 2015-12-11 | CVE-2015-7054 | Data Processing Errors vulnerability in Apple products zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site. | 6.8 |
| 2015-12-11 | CVE-2015-7053 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image. | 6.8 |
| 2015-12-11 | CVE-2015-7050 | Information Exposure vulnerability in Apple Iphone OS and Safari WebKit in Apple iOS before 9.2 and Safari before 9.0.2 misparses content extensions, which allows remote attackers to obtain sensitive browsing-history information via a crafted web site. | 4.3 |
| 2015-12-11 | CVE-2015-7049 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057. | 4.6 |
| 2015-12-11 | CVE-2015-7048 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Safari and Tvos WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. | 6.8 |
| 2015-12-11 | CVE-2015-7045 | Code vulnerability in Apple mac OS X and Tvos Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors. | 5.0 |