Vulnerabilities > Apple > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-08-17 | CVE-2015-5746 | Improper Access Control vulnerability in Apple Iphone OS AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via an afc command that leverages symlink mishandling. | 5.0 |
| 2015-08-17 | CVE-2015-3807 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document. | 4.3 |
| 2015-08-17 | CVE-2015-3794 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The Speech UI in Apple OS X before 10.10.5, when speech alerts are enabled, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Unicode string. | 6.8 |
| 2015-08-17 | CVE-2015-3793 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app. | 4.3 |
| 2015-08-17 | CVE-2015-3792 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime 7.0.0 QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | 6.8 |
| 2015-08-17 | CVE-2015-3791 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime 7.0.0 QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | 6.8 |
| 2015-08-17 | CVE-2015-3790 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime 7.0.0 QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | 6.8 |
| 2015-08-17 | CVE-2015-3789 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime 7.0.0 QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | 6.8 |
| 2015-08-16 | CVE-2015-3788 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime 7.0.0 QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779. | 6.8 |
| 2015-08-16 | CVE-2015-3786 | Information Exposure vulnerability in Apple mac OS X The Bluetooth subsystem in Apple OS X before 10.10.5 does not properly restrict Notification Center Service access, which allows attackers to read Notification Center notifications of certain paired devices via a crafted app. | 4.3 |