CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2015-4000 310 2015-05-20 2015-07-22
4.3
None Remote Medium Not required None Partial None
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
2 CVE-2015-3728 254 2015-07-02 2015-07-08
4.8
None Local Network Low Not required Partial Partial None
The WiFi Connectivity feature in Apple iOS before 8.4 allows remote Wi-Fi access points to trigger an automatic association, with an arbitrary security type, by operating with a recognized ESSID within an 802.11 network's coverage area.
3 CVE-2015-3726 20 Exec Code 2015-07-02 2015-07-08
4.6
None Local Low Not required Partial Partial Partial
The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card.
4 CVE-2015-3725 399 DoS 2015-07-02 2015-07-08
4.3
None Remote Medium Not required None None Partial
MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service (ID collision and Watch launch outage) via a crafted universal provisioning profile app.
5 CVE-2015-3722 254 DoS 2015-07-02 2015-07-07
4.3
None Remote Medium Not required None None Partial
Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service (ID collision and launch outage) via a crafted universal provisioning profile app.
6 CVE-2015-3721 200 +Info 2015-07-02 2015-07-07
4.3
None Remote Medium Not required Partial None None
The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.
7 CVE-2015-3720 200 +Info 2015-07-02 2015-07-07
4.3
None Remote Medium Not required Partial None None
The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app.
8 CVE-2015-3716 77 Exec Code 2015-07-02 2015-07-07
4.4
None Local Medium Not required Partial Partial Partial
Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library.
9 CVE-2015-3711 200 +Info 2015-07-02 2015-07-07
4.3
None Remote Medium Not required Partial None None
The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
10 CVE-2015-3710 254 2015-07-02 2015-07-07
4.3
None Remote Medium Not required None Partial None
Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
11 CVE-2015-3690 200 +Info 2015-07-02 2015-07-06
4.3
None Remote Medium Not required Partial None None
The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
12 CVE-2015-3677 200 +Info 2015-07-02 2015-07-06
4.3
None Remote Medium Not required Partial None None
The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
13 CVE-2015-3676 200 +Info 2015-07-02 2015-07-06
4.3
None Remote Medium Not required Partial None None
AppleGraphicsControl in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information via a crafted app.
14 CVE-2015-3660 79 XSS 2015-07-02 2015-07-07
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL in embedded PDF content.
15 CVE-2015-2808 310 2015-03-31 2015-07-16
4.3
None Remote Medium Not required Partial None None
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
16 CVE-2015-1156 264 Bypass 2015-05-07 2015-07-13
4.3
None Remote Medium Not required None Partial None
The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, via a crafted web site.
17 CVE-2015-1155 264 Bypass 2015-05-07 2015-07-13
4.3
None Remote Medium Not required Partial None None
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.
18 CVE-2015-1141 DoS 2015-04-10 2015-04-29
4.9
None Local Low Not required None None Complete
The mach_vm_read functionality in the kernel in Apple OS X before 10.10.3 allows local users to cause a denial of service (system crash) via unspecified vectors.
19 CVE-2015-1138 20 DoS 2015-04-10 2015-04-29
4.9
None Local Low Not required None None Complete
Hypervisor in Apple OS X before 10.10.3 allows local users to cause a denial of service via unspecified vectors.
20 CVE-2015-1129 310 2015-04-10 2015-04-14
4.3
None Remote Medium Not required Partial None None
Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 does not properly select X.509 client certificates, which makes it easier for remote attackers to track users via a crafted web site.
21 CVE-2015-1126 20 2015-04-10 2015-04-14
4.3
None Remote Medium Not required Partial None None
WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors.
22 CVE-2015-1125 17 2015-04-10 2015-04-14
4.3
None Remote Medium Not required None Partial None
The touch-events implementation in WebKit in Apple iOS before 8.3 allows remote attackers to trigger an association between a tap and an unintended web resource via a crafted web site.
23 CVE-2015-1115 284 Bypass 2015-04-10 2015-04-14
4.4
None Local Medium Not required Partial Partial Partial
The Telephony component in Apple iOS before 8.3 allows attackers to bypass a sandbox protection mechanism and access unintended telephone capabilities via a crafted app.
24 CVE-2015-1099 362 DoS 2015-04-10 2015-04-14
4.0
None Local High Not required None None Complete
Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service via a crafted app.
25 CVE-2015-1091 200 Bypass +Info 2015-04-10 2015-04-14
4.3
None Remote Medium Not required Partial None None
The CFNetwork Session component in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly handle request headers during processing of redirects in HTTP responses, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
26 CVE-2015-1067 310 2015-03-10 2015-04-13
4.3
None Remote Medium Not required None Partial None
Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1637.
27 CVE-2014-8838 264 Bypass 2015-01-30 2015-02-18
4.3
None Remote Medium Not required None Partial None
The Security component in Apple OS X before 10.10.2 does not properly process cached information about app certificates, which allows attackers to bypass the Gatekeeper protection mechanism by leveraging access to a revoked Developer ID certificate for signing a crafted app.
28 CVE-2014-8832 200 +Info 2015-01-30 2015-02-18
4.9
None Local Low Not required Complete None None
The indexing functionality in Spotlight in Apple OS X before 10.10.2 writes memory contents to an external hard drive, which allows local users to obtain sensitive information by reading from this drive.
29 CVE-2014-8823 264 2015-01-30 2015-02-18
4.7
None Local Medium Not required Complete None None
The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first argument.
30 CVE-2014-4498 17 2015-01-30 2015-02-18
4.9
None Local Low Not required None Complete None
The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the "Thunderstrike" issue.
31 CVE-2014-4467 17 2015-01-30 2015-02-02
4.3
None Remote Medium Not required None Partial None
WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site.
32 CVE-2014-4444 287 +Priv 2014-10-17 2014-10-31
4.4
None Local Medium Not required Partial Partial Partial
SecurityAgent in Apple OS X before 10.10 does not ensure that a Kerberos ticket is in the cache for the correct user, which allows local users to gain privileges in opportunistic circumstances by leveraging a Fast User Switching login.
33 CVE-2014-4442 20 DoS 2014-10-17 2014-10-31
4.7
None Local Medium Not required None None Complete
The kernel in Apple OS X before 10.10 allows local users to cause a denial of service (panic) via a message to a system control socket.
34 CVE-2014-4438 362 2014-10-17 2014-10-31
4.4
None Local Medium Not required Partial Partial Partial
Race condition in LoginWindow in Apple OS X before 10.10 allows physically proximate attackers to obtain access by leveraging an unattended workstation on which screen locking had been attempted.
35 CVE-2014-4435 287 2014-10-17 2014-10-31
4.4
None Local Medium Not required Partial Partial Partial
The "iCloud Find My Mac" feature in Apple OS X before 10.10 does not properly enforce rate limiting of lost-mode PIN entry, which makes it easier for physically proximate attackers to obtain access via a brute-force attack involving a series of reboots.
36 CVE-2014-4434 20 DoS 2014-10-17 2014-10-31
4.9
None Local Low Not required None None Complete
The kernel in Apple OS X before 10.10 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted filename on an HFS filesystem.
37 CVE-2014-4432 310 2014-10-17 2014-10-31
4.0
None Local High Not required Complete None None
fdesetup in Apple OS X before 10.10 does not properly display the encryption status in between a setting-update action and a reboot action, which might make it easier for physically proximate attackers to obtain cleartext data by leveraging ignorance of the reboot requirement.
38 CVE-2014-4430 310 2014-10-17 2014-10-31
4.7
None Local Medium Not required Complete None None
CoreStorage in Apple OS X before 10.10 retains a volume's encryption keys upon an eject action in the unlocked state, which makes it easier for physically proximate attackers to obtain cleartext data via a remount.
39 CVE-2014-4426 200 +Info 2014-10-17 2015-02-06
4.3
None Remote Medium Not required Partial None None
AFP File Server in Apple OS X before 10.10 allows remote attackers to discover the network addresses of all interfaces via an unspecified command to one interface.
40 CVE-2014-4425 287 2014-10-17 2014-10-31
4.6
None Local Low Not required Partial Partial Partial
CFPreferences in Apple OS X before 10.10 does not properly enforce the "require password after sleep or screen saver begins" setting, which makes it easier for physically proximate attackers to obtain access by leveraging an unattended workstation.
41 CVE-2014-4423 264 Bypass 2014-09-18 2014-09-18
4.3
None Remote Medium Not required Partial None None
The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application.
42 CVE-2014-4409 200 +Info 2014-09-18 2014-09-28
4.3
None Remote Medium Not required Partial None None
WebKit in Apple iOS before 8 makes it easier for remote attackers to track users during private browsing via a crafted web site that reads HTML5 application-cache data that had been stored during normal browsing.
43 CVE-2014-4407 +Info 2014-09-18 2014-10-24
4.3
None Remote Medium Not required Partial None None
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.
44 CVE-2014-4406 79 XSS 2014-09-19 2014-10-24
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
45 CVE-2014-4383 20 2014-09-18 2014-09-18
4.3
None Remote Medium Not required None Partial None
The Assets subsystem in Apple iOS before 8 and Apple TV before 7 allows man-in-the-middle attackers to spoof a device's update status via a crafted Last-Modified HTTP response header.
46 CVE-2014-4364 310 2014-09-18 2014-10-24
4.3
None Remote Medium Not required Partial None None
The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash.
47 CVE-2014-4353 362 +Info 2014-09-18 2014-09-18
4.3
None Remote Medium Not required Partial None None
Race condition in iMessage in Apple iOS before 8 allows attackers to obtain sensitive information by leveraging the presence of an attachment after the deletion of its parent (1) iMessage or (2) MMS.
48 CVE-2014-2856 79 XSS 2014-04-18 2015-05-13
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.
49 CVE-2014-2019 264 Bypass 2014-02-18 2014-03-16
4.9
None Local Low Not required None Complete None
The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account action and then associate this service with a different Apple ID account, by entering an arbitrary iCloud Account Password value and a blank iCloud Account Description value.
50 CVE-2014-1372 264 Bypass +Info 2014-07-01 2014-12-02
4.9
None Local Low Not required Complete None None
Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations during processing of an unspecified system call, which allows local users to obtain sensitive information from kernel memory and bypass the ASLR protection mechanism via a crafted call.
Total number of vulnerabilities : 400   Page : 1 (This Page)2 3 4 5 6 7 8
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.