Vulnerabilities > Apple > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-04-14 | CVE-2015-3040 | Information Exposure vulnerability in multiple products Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357. | 5.0 |
2015-04-14 | CVE-2015-0357 | Information Exposure vulnerability in Adobe Flash Player Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3040. | 5.0 |
2015-04-10 | CVE-2015-3027 | Permissions, Privileges, and Access Controls vulnerability in Apple Xcode Clang in LLVM, as used in Apple Xcode before 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent attackers to bypass a stack-guard protection mechanism via crafted input to an affected C program. | 5.0 |
2015-04-10 | CVE-2015-1148 | Information Exposure vulnerability in Apple mac OS X Screen Sharing in Apple OS X before 10.10.3 stores the password of a user in a log file, which might allow context-dependent attackers to obtain sensitive information by reading this file. | 5.0 |
2015-04-10 | CVE-2015-1147 | Information Exposure vulnerability in Apple mac OS X Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in certain circumstances involving missing certificates, which allows remote attackers to obtain sensitive information by sniffing the network. | 5.0 |
2015-04-10 | CVE-2015-1141 | Multiple Security vulnerability in Apple Mac OS X Prior to 10.10.3 The mach_vm_read functionality in the kernel in Apple OS X before 10.10.3 allows local users to cause a denial of service (system crash) via unspecified vectors. | 4.9 |
2015-04-10 | CVE-2015-1139 | Improper Input Validation vulnerability in Apple mac OS X ImageIO in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .sgi file. | 6.8 |
2015-04-10 | CVE-2015-1138 | Improper Input Validation vulnerability in Apple mac OS X Hypervisor in Apple OS X before 10.10.3 allows local users to cause a denial of service via unspecified vectors. | 4.9 |
2015-04-10 | CVE-2015-1136 | Multiple Security vulnerability in Apple Mac OS X Prior to 10.10.3 Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex. network apple | 6.8 |
2015-04-10 | CVE-2015-1129 | Cryptographic Issues vulnerability in Apple Iphone OS and Safari Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 does not properly select X.509 client certificates, which makes it easier for remote attackers to track users via a crafted web site. | 4.3 |