CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2015-5782 200 +Info 2015-08-16 2015-08-19
4.3
None Remote Medium Not required Partial None None
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.
2 CVE-2015-5781 200 +Info 2015-08-16 2015-08-19
4.3
None Remote Medium Not required Partial None None
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image.
3 CVE-2015-5768 200 +Info 2015-08-16 2015-08-19
4.3
None Remote Medium Not required Partial None None
AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
4 CVE-2015-5749 200 Bypass +Info 2015-08-16 2015-08-19
4.3
None Remote Medium Not required Partial None None
The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.
5 CVE-2015-5747 399 DoS 2015-08-16 2015-08-19
4.9
None Local Low Not required None None Complete
The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial of service (resource consumption) via unspecified vectors.
6 CVE-2015-4000 310 2015-05-20 2015-08-25
4.3
None Remote Medium Not required None Partial None
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
7 CVE-2015-3807 119 DoS Overflow Mem. Corr. +Info 2015-08-16 2015-08-19
4.3
None Remote Medium Not required Partial None None
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.
8 CVE-2015-3793 264 Bypass 2015-08-16 2015-08-19
4.3
None Remote Medium Not required Partial None None
CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.
9 CVE-2015-3786 200 +Info 2015-08-16 2015-08-19
4.3
None Remote Medium Not required Partial None None
The Bluetooth subsystem in Apple OS X before 10.10.5 does not properly restrict Notification Center Service access, which allows attackers to read Notification Center notifications of certain paired devices via a crafted app.
10 CVE-2015-3782 200 +Info 2015-08-16 2015-08-19
4.3
None Remote Medium Not required Partial None None
CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app.
11 CVE-2015-3781 79 XSS 2015-08-16 2015-08-19
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X before 10.10.5 allows remote attackers to inject arbitrary web script or HTML via a previously visited web site that is rendered during a Quick Look search.
12 CVE-2015-3780 200 +Info 2015-08-16 2015-08-19
4.3
None Remote Medium Not required Partial None None
The Bluetooth subsystem in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
13 CVE-2015-3774 20 +Info 2015-08-16 2015-08-19
4.8
None Local Network Low Not required Partial Partial None
The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream.
14 CVE-2015-3766 200 +Info 2015-08-16 2015-08-19
4.3
None Remote Medium Not required Partial None None
The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app.
15 CVE-2015-3764 200 +Info 2015-08-16 2015-08-19
4.3
None Remote Medium Not required Partial None None
Notification Center in Apple OS X before 10.10.5 does not properly remove dismissed notifications, which allows attackers to read arbitrary notifications via a crafted app.
16 CVE-2015-3763 19 DoS 2015-08-16 2015-08-19
4.3
None Remote Medium Not required None None Partial
Safari in Apple iOS before 8.4.1 does not limit the rate of JavaScript alert messages, which allows remote attackers to cause a denial of service (apparent browser locking) via a crafted web site.
17 CVE-2015-3759 264 Bypass 2015-08-16 2015-08-19
4.6
None Local Low Not required Partial Partial Partial
Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions on filesystem modification via a symlink.
18 CVE-2015-3758 20 Bypass 2015-08-16 2015-08-19
4.3
None Remote Medium Not required None Partial None
UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL.
19 CVE-2015-3755 254 2015-08-16 2015-08-18
4.3
None Remote Medium Not required None Partial None
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.
20 CVE-2015-3754 200 +Info 2015-08-16 2015-08-18
4.3
None Remote Medium Not required Partial None None
The private-browsing implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8 does not prevent caching of HTTP authentication credentials, which makes it easier for remote attackers to track users via a crafted web site.
21 CVE-2015-3729 254 2015-08-16 2015-08-18
4.3
None Remote Medium Not required None Partial None
Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not indicate what web site originated an input prompt, which allows remote attackers to conduct spoofing attacks via a crafted site.
22 CVE-2015-3728 254 2015-07-02 2015-07-08
4.8
None Local Network Low Not required Partial Partial None
The WiFi Connectivity feature in Apple iOS before 8.4 allows remote Wi-Fi access points to trigger an automatic association, with an arbitrary security type, by operating with a recognized ESSID within an 802.11 network's coverage area.
23 CVE-2015-3726 20 Exec Code 2015-07-02 2015-07-08
4.6
None Local Low Not required Partial Partial Partial
The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card.
24 CVE-2015-3725 399 DoS 2015-07-02 2015-07-08
4.3
None Remote Medium Not required None None Partial
MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service (ID collision and Watch launch outage) via a crafted universal provisioning profile app.
25 CVE-2015-3722 254 DoS 2015-07-02 2015-07-07
4.3
None Remote Medium Not required None None Partial
Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service (ID collision and launch outage) via a crafted universal provisioning profile app.
26 CVE-2015-3721 200 +Info 2015-07-02 2015-07-07
4.3
None Remote Medium Not required Partial None None
The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.
27 CVE-2015-3720 200 +Info 2015-07-02 2015-07-07
4.3
None Remote Medium Not required Partial None None
The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app.
28 CVE-2015-3716 77 Exec Code 2015-07-02 2015-07-07
4.4
None Local Medium Not required Partial Partial Partial
Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library.
29 CVE-2015-3711 200 +Info 2015-07-02 2015-07-07
4.3
None Remote Medium Not required Partial None None
The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
30 CVE-2015-3710 254 2015-07-02 2015-07-07
4.3
None Remote Medium Not required None Partial None
Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
31 CVE-2015-3690 200 +Info 2015-07-02 2015-07-06
4.3
None Remote Medium Not required Partial None None
The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
32 CVE-2015-3677 200 +Info 2015-07-02 2015-07-06
4.3
None Remote Medium Not required Partial None None
The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
33 CVE-2015-3676 200 +Info 2015-07-02 2015-07-06
4.3
None Remote Medium Not required Partial None None
AppleGraphicsControl in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information via a crafted app.
34 CVE-2015-3660 79 XSS 2015-07-02 2015-07-07
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL in embedded PDF content.
35 CVE-2015-2808 310 2015-03-31 2015-08-17
4.3
None Remote Medium Not required Partial None None
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
36 CVE-2015-1156 264 Bypass 2015-05-07 2015-07-13
4.3
None Remote Medium Not required None Partial None
The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, via a crafted web site.
37 CVE-2015-1155 264 Bypass 2015-05-07 2015-07-13
4.3
None Remote Medium Not required Partial None None
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.
38 CVE-2015-1141 DoS 2015-04-10 2015-04-29
4.9
None Local Low Not required None None Complete
The mach_vm_read functionality in the kernel in Apple OS X before 10.10.3 allows local users to cause a denial of service (system crash) via unspecified vectors.
39 CVE-2015-1138 20 DoS 2015-04-10 2015-04-29
4.9
None Local Low Not required None None Complete
Hypervisor in Apple OS X before 10.10.3 allows local users to cause a denial of service via unspecified vectors.
40 CVE-2015-1129 310 2015-04-10 2015-04-14
4.3
None Remote Medium Not required Partial None None
Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 does not properly select X.509 client certificates, which makes it easier for remote attackers to track users via a crafted web site.
41 CVE-2015-1126 20 2015-04-10 2015-04-14
4.3
None Remote Medium Not required Partial None None
WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors.
42 CVE-2015-1125 17 2015-04-10 2015-04-14
4.3
None Remote Medium Not required None Partial None
The touch-events implementation in WebKit in Apple iOS before 8.3 allows remote attackers to trigger an association between a tap and an unintended web resource via a crafted web site.
43 CVE-2015-1115 284 Bypass 2015-04-10 2015-04-14
4.4
None Local Medium Not required Partial Partial Partial
The Telephony component in Apple iOS before 8.3 allows attackers to bypass a sandbox protection mechanism and access unintended telephone capabilities via a crafted app.
44 CVE-2015-1099 362 DoS 2015-04-10 2015-04-14
4.0
None Local High Not required None None Complete
Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service via a crafted app.
45 CVE-2015-1091 200 Bypass +Info 2015-04-10 2015-04-14
4.3
None Remote Medium Not required Partial None None
The CFNetwork Session component in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly handle request headers during processing of redirects in HTTP responses, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
46 CVE-2015-1067 310 2015-03-10 2015-04-13
4.3
None Remote Medium Not required None Partial None
Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1637.
47 CVE-2014-8838 264 Bypass 2015-01-30 2015-02-18
4.3
None Remote Medium Not required None Partial None
The Security component in Apple OS X before 10.10.2 does not properly process cached information about app certificates, which allows attackers to bypass the Gatekeeper protection mechanism by leveraging access to a revoked Developer ID certificate for signing a crafted app.
48 CVE-2014-8832 200 +Info 2015-01-30 2015-02-18
4.9
None Local Low Not required Complete None None
The indexing functionality in Spotlight in Apple OS X before 10.10.2 writes memory contents to an external hard drive, which allows local users to obtain sensitive information by reading from this drive.
49 CVE-2014-8823 264 2015-01-30 2015-02-18
4.7
None Local Medium Not required Complete None None
The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first argument.
50 CVE-2014-4498 17 2015-01-30 2015-02-18
4.9
None Local Low Not required None Complete None
The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the "Thunderstrike" issue.
Total number of vulnerabilities : 420   Page : 1 (This Page)2 3 4 5 6 7 8 9
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.