Apple » Mac Os X : Security Vulnerabilities, CVEs, Published In 2015 CVSS score >= 7

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111.

The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7112.

IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.

Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects.

The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors.

The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

The File Bookmark component in Apple OS X before 10.11.2 allows attackers to bypass a sandbox protection mechanism for app scoped bookmarks via a crafted pathname.

IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.

The kernel loader in EFI in Apple OS X before 10.11.2 allows local users to gain privileges via a crafted pathname.

kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors.

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.

The System Integrity Protection feature in Apple OS X before 10.11.2 mishandles union mounts, which allows attackers to execute arbitrary code in a privileged context via a crafted app with root privileges.

The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument.

Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors.

The Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to gain privileges or cause a denial of service (kernel memory corruption) via unspecified vectors.

CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992.

The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted developer-signed app.

Script Editor in Apple OS X before 10.11.1 allows remote attackers to bypass an intended user-confirmation requirement for AppleScript execution via unspecified vectors.

The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app.

CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-7017.