CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5777.
Max CVSS
6.8
EPSS Score
1.52%
Published
2015-08-17
Updated
2016-12-24
CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5778.
Max CVSS
6.8
EPSS Score
1.52%
Published
2015-08-17
Updated
2016-12-24
Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.
Max CVSS
7.5
EPSS Score
3.26%
Published
2015-08-17
Updated
2016-12-24
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.
Max CVSS
7.5
EPSS Score
3.26%
Published
2015-08-17
Updated
2016-12-24
QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted office document.
Max CVSS
6.8
EPSS Score
2.00%
Published
2015-08-17
Updated
2016-12-24
The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to cause a denial of service (device crash) via a crafted video.
Max CVSS
7.1
EPSS Score
0.69%
Published
2015-08-17
Updated
2016-12-24
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.
Max CVSS
6.8
EPSS Score
1.84%
Published
2015-08-17
Updated
2016-12-24
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.
Max CVSS
6.8
EPSS Score
3.51%
Published
2015-08-17
Updated
2016-12-24
libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a crafted syscall to interfere with locking.
Max CVSS
9.3
EPSS Score
0.29%
Published
2015-08-17
Updated
2016-12-24
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5775.
Max CVSS
6.8
EPSS Score
2.00%
Published
2015-08-17
Updated
2016-12-24
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.
Max CVSS
6.8
EPSS Score
1.84%
Published
2015-08-17
Updated
2016-12-24
The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume.
Max CVSS
2.1
EPSS Score
0.04%
Published
2015-08-17
Updated
2017-09-21
The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.
Max CVSS
4.3
EPSS Score
1.54%
Published
2015-08-11
Updated
2016-12-08
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
Max CVSS
6.8
EPSS Score
1.55%
Published
2015-08-11
Updated
2016-12-08
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.
Max CVSS
4.3
EPSS Score
1.31%
Published
2015-08-17
Updated
2019-03-08
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775.
Max CVSS
7.5
EPSS Score
3.26%
Published
2015-08-17
Updated
2016-12-24
The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
Max CVSS
7.2
EPSS Score
0.04%
Published
2015-08-17
Updated
2016-12-24
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3797.
Max CVSS
7.5
EPSS Score
1.36%
Published
2015-08-17
Updated
2016-12-24
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3798.
Max CVSS
7.5
EPSS Score
1.01%
Published
2015-08-17
Updated
2016-12-24
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and CVE-2015-3798.
Max CVSS
7.5
EPSS Score
1.25%
Published
2015-08-17
Updated
2017-09-16
libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message.
Max CVSS
9.3
EPSS Score
0.29%
Published
2015-08-17
Updated
2016-12-24
IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist.
Max CVSS
9.3
EPSS Score
0.29%
Published
2015-08-16
Updated
2016-12-24
Safari in Apple iOS before 8.4.1 does not limit the rate of JavaScript alert messages, which allows remote attackers to cause a denial of service (apparent browser locking) via a crafted web site.
Max CVSS
4.3
EPSS Score
0.69%
Published
2015-08-16
Updated
2016-12-24
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
Max CVSS
6.8
EPSS Score
0.57%
Published
2015-08-16
Updated
2019-02-07
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
Max CVSS
6.8
EPSS Score
0.57%
Published
2015-08-16
Updated
2019-02-07