CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Mac Os X : Security Vulnerabilities (Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
451 CVE-2015-5925 119 DoS Exec Code Overflow Mem. Corr. 2015-10-23 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5926.
452 CVE-2015-5924 119 DoS Exec Code Overflow Mem. Corr. 2015-10-23 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
453 CVE-2015-5903 119 DoS Overflow +Priv Mem. Corr. 2015-09-18 2016-12-21
10.0
None Remote Low Not required Complete Complete Complete
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896.
454 CVE-2015-5902 DoS 2015-10-09 2016-12-07
4.9
None Local Low Not required None None Complete
The debugging feature in the kernel in Apple OS X before 10.11 mismanages state, which allows local users to cause a denial of service via unspecified vectors.
455 CVE-2015-5900 254 DoS 2015-10-09 2016-12-07
7.1
None Remote Medium Not required None None Complete
The protected range register in the EFI component in Apple OS X before 10.11 has an incorrect value, which allows attackers to cause a denial of service (boot failure) via a crafted app that writes to an unintended address.
456 CVE-2015-5899 119 DoS Overflow +Priv Mem. Corr. 2015-09-18 2016-12-21
7.2
None Local Low Not required Complete Complete Complete
libpthread in the kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
457 CVE-2015-5896 119 DoS Overflow +Priv Mem. Corr. 2015-09-18 2016-12-21
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5903.
458 CVE-2015-5891 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-07
7.2
None Local Low Not required Complete Complete Complete
The SMB implementation in the kernel in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
459 CVE-2015-5890 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-07
7.2
None Local Low Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5872, and CVE-2015-5873.
460 CVE-2015-5879 20 DoS Bypass 2015-09-18 2016-12-21
5.0
None Remote Low Not required None None Partial
XNU in the kernel in Apple iOS before 9 does not properly validate the headers of TCP packets, which allows remote attackers to bypass the sequence-number protection mechanism and cause a denial of service (TCP connection disruption) via a crafted header.
461 CVE-2015-5877 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-09
7.2
None Local Low Not required Complete Complete Complete
The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5830.
462 CVE-2015-5876 119 DoS Exec Code Overflow Mem. Corr. 2015-09-18 2016-12-21
9.3
None Remote Medium Not required Complete Complete Complete
dyld in Dev Tools in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
463 CVE-2015-5874 119 DoS Exec Code Overflow Mem. Corr. 2015-09-18 2016-12-21
7.5
None Remote Low Not required Partial Partial Partial
CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
464 CVE-2015-5873 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-09
7.2
None Local Low Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5872, and CVE-2015-5890.
465 CVE-2015-5872 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-09
7.2
None Local Low Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5873, and CVE-2015-5890.
466 CVE-2015-5871 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-09
7.2
None Local Low Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5872, CVE-2015-5873, and CVE-2015-5890.
467 CVE-2015-5868 119 DoS Overflow +Priv Mem. Corr. 2015-09-18 2016-12-21
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5896 and CVE-2015-5903.
468 CVE-2015-5866 119 DoS Exec Code Overflow Mem. Corr. 2015-10-09 2016-12-09
9.3
None Remote Medium Not required Complete Complete Complete
IOHIDFamily in Apple OS X before 10.11 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
469 CVE-2015-5862 119 DoS Overflow Mem. Corr. 2015-09-18 2016-12-21
4.3
None Remote Medium Not required None None Partial
The Audio component in Apple iOS before 9 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted audio file.
470 CVE-2015-5847 119 DoS Overflow +Priv Mem. Corr. 2015-09-18 2016-12-21
7.2
None Local Low Not required Complete Complete Complete
The Disk Images component in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
471 CVE-2015-5840 119 DoS Overflow 2015-09-18 2016-12-21
5.0
None Remote Low Not required None None Partial
The checkint division routines in removefile in Apple iOS before 9 allow attackers to cause a denial of service (overflow fault and app crash) via crafted data.
472 CVE-2015-5830 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-09
7.2
None Local Low Not required Complete Complete Complete
The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5877.
473 CVE-2015-5783 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2017-09-20
9.3
None Remote Medium Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3770.
474 CVE-2015-5778 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5777.
475 CVE-2015-5777 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5778.
476 CVE-2015-5776 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
7.5
None Remote Low Not required Partial Partial Partial
Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.
477 CVE-2015-5775 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
7.5
None Remote Low Not required Partial Partial Partial
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.
478 CVE-2015-5773 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted office document.
479 CVE-2015-5771 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2017-09-20
6.8
None Remote Medium Not required Partial Partial Partial
Quartz Composer Framework in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted QuickTime file.
480 CVE-2015-5763 119 DoS Overflow +Priv Mem. Corr. 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
ntfs in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
481 CVE-2015-5761 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.
482 CVE-2015-5758 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.
483 CVE-2015-5757 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
9.3
None Remote Medium Not required Complete Complete Complete
libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a crafted syscall to interfere with locking.
484 CVE-2015-5756 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5775.
485 CVE-2015-5755 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.
486 CVE-2015-5750 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2017-09-20
7.5
None Remote Low Not required Partial Partial Partial
Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted series of Unicode characters.
487 CVE-2015-5748 17 DoS 2015-08-16 2017-09-20
2.1
None Local Low Not required None None Partial
The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume.
488 CVE-2015-5747 399 DoS 2015-08-16 2017-09-20
4.9
None Local Low Not required None None Complete
The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial of service (resource consumption) via unspecified vectors.
489 CVE-2015-5523 119 DoS Overflow 2015-08-11 2016-12-07
4.3
None Remote Medium Not required None None Partial
The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.
490 CVE-2015-5522 119 DoS Overflow 2015-08-11 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
491 CVE-2015-5312 399 DoS 2015-12-15 2017-09-13
7.1
None Remote Medium Not required None None Complete
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
492 CVE-2015-4024 399 DoS 2015-06-09 2018-01-04
5.0
None Remote Low Not required None None Partial
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
493 CVE-2015-4021 189 DoS Mem. Corr. 2015-06-09 2018-01-04
5.0
None Remote Low Not required None None Partial
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.
494 CVE-2015-3807 119 DoS Overflow Mem. Corr. +Info 2015-08-16 2016-12-23
4.3
None Remote Medium Not required Partial None None
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.
495 CVE-2015-3804 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
7.5
None Remote Low Not required Partial Partial Partial
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775.
496 CVE-2015-3800 119 DoS Overflow +Priv Mem. Corr. 2015-08-16 2016-12-23
7.2
None Local Low Not required Complete Complete Complete
The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
497 CVE-2015-3798 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
7.5
None Remote Low Not required Partial Partial Partial
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3797.
498 CVE-2015-3797 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
7.5
None Remote Low Not required Partial Partial Partial
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3798.
499 CVE-2015-3796 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2017-09-15
7.5
None Remote Low Not required Partial Partial Partial
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and CVE-2015-3798.
500 CVE-2015-3795 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
9.3
None Remote Medium Not required Complete Complete Complete
libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message.
Total number of vulnerabilities : 970   Page : 1 2 3 4 5 6 7 8 9 10 (This Page)11 12 13 14 15 16 17 18 19 20
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.