CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Mac Os X : Security Vulnerabilities (Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
501 CVE-2015-3794 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2017-09-20
6.8
None Remote Medium Not required Partial Partial Partial
The Speech UI in Apple OS X before 10.10.5, when speech alerts are enabled, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Unicode string.
502 CVE-2015-3787 20 DoS 2015-08-16 2017-09-20
3.3
None Local Network Low Not required None None Partial
The Bluetooth subsystem in Apple OS X before 10.10.5 allows remote attackers to cause a denial of service via malformed Bluetooth ACL packets.
503 CVE-2015-3783 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2017-09-20
7.5
None Remote Low Not required Partial Partial Partial
SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
504 CVE-2015-3776 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
9.3
None Remote Medium Not required Complete Complete Complete
IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist.
505 CVE-2015-3773 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2017-09-20
7.5
None Remote Low Not required Partial Partial Partial
The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
506 CVE-2015-3772 119 DoS Overflow +Priv Mem. Corr. 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771.
507 CVE-2015-3771 119 DoS Overflow +Priv Mem. Corr. 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3772.
508 CVE-2015-3770 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2017-09-20
9.3
None Remote Medium Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783.
509 CVE-2015-3769 119 DoS Overflow +Priv Mem. Corr. 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3771 and CVE-2015-3772.
510 CVE-2015-3767 264 DoS +Priv Mem. Corr. 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
511 CVE-2015-3719 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.
512 CVE-2015-3717 119 DoS Exec Code Overflow 2015-07-02 2017-09-21
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
513 CVE-2015-3713 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2016-12-30
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted movie file.
514 CVE-2015-3712 119 DoS Exec Code Overflow 2015-07-02 2017-09-21
9.3
Admin Remote Medium Not required Complete Complete Complete
The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app.
515 CVE-2015-3707 DoS Exec Code 2015-07-02 2017-09-21
9.3
Admin Remote Medium Not required Complete Complete Complete
The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
516 CVE-2015-3706 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
9.3
None Remote Medium Not required Complete Complete Complete
IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3705.
517 CVE-2015-3705 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
9.3
None Remote Medium Not required Complete Complete Complete
IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3706.
518 CVE-2015-3703 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image.
519 CVE-2015-3694 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719.
520 CVE-2015-3693 254 DoS +Priv Mem. Corr. 2015-07-02 2016-12-05
9.3
None Remote Medium Not required Complete Complete Complete
Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations.
521 CVE-2015-3689 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688.
522 CVE-2015-3688 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689.
523 CVE-2015-3687 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689.
524 CVE-2015-3686 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.
525 CVE-2015-3685 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.
526 CVE-2015-3684 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.
527 CVE-2015-3683 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
9.3
None Remote Medium Not required Complete Complete Complete
The Bluetooth HCI interface implementation in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
528 CVE-2015-3682 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3681.
529 CVE-2015-3681 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3682.
530 CVE-2015-3680 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3681, and CVE-2015-3682.
531 CVE-2015-3679 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3680, CVE-2015-3681, and CVE-2015-3682.
532 CVE-2015-3678 77 DoS +Priv Mem. Corr. 2015-07-02 2017-09-21
7.2
Admin Local Low Not required Complete Complete Complete
AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands.
533 CVE-2015-3674 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
7.5
None Remote Low Not required Partial Partial Partial
afpserver in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
534 CVE-2015-3669 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2016-12-27
6.8
None Remote Medium Not required Partial Partial Partial
QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3664 and CVE-2015-3665.
535 CVE-2015-3668 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2016-12-27
6.8
None Remote Medium Not required Partial Partial Partial
QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, and CVE-2015-3667.
536 CVE-2015-3667 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2016-12-27
6.8
None Remote Medium Not required Partial Partial Partial
QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, and CVE-2015-3668.
537 CVE-2015-3666 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2016-12-27
6.8
None Remote Medium Not required Partial Partial Partial
QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3667, and CVE-2015-3668.
538 CVE-2015-3663 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2016-12-27
6.8
None Remote Medium Not required Partial Partial Partial
QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.
539 CVE-2015-3662 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2016-12-27
6.8
None Remote Medium Not required Partial Partial Partial
QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.
540 CVE-2015-3661 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2016-12-27
6.8
None Remote Medium Not required Partial Partial Partial
QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.
541 CVE-2015-3659 264 DoS Exec Code 2015-07-02 2016-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
542 CVE-2015-3416 119 DoS Overflow 2015-04-24 2018-07-18
7.5
None Remote Low Not required Partial Partial Partial
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
543 CVE-2015-3415 20 DoS 2015-04-24 2018-07-18
7.5
None Remote Low Not required Partial Partial Partial
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.
544 CVE-2015-3414 20 DoS 2015-04-24 2018-07-18
7.5
None Remote Low Not required Partial Partial Partial
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement.
545 CVE-2015-3330 20 DoS Exec Code 2015-06-09 2016-12-30
6.8
None Remote Medium Not required Partial Partial Partial
The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter."
546 CVE-2015-3307 119 DoS Overflow 2015-06-09 2018-01-04
7.5
None Remote Low Not required Partial Partial Partial
The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.
547 CVE-2015-3145 119 DoS Overflow 2015-04-24 2017-01-02
7.5
None Remote Low Not required Partial Partial Partial
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
548 CVE-2015-3076 119 DoS Exec Code Overflow Mem. Corr. 2015-05-13 2017-01-05
10.0
None Remote Low Not required Complete Complete Complete
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, and CVE-2015-3070.
549 CVE-2015-3070 119 DoS Exec Code Overflow Mem. Corr. 2015-05-13 2017-01-05
10.0
None Remote Low Not required Complete Complete Complete
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, and CVE-2015-3076.
550 CVE-2015-3057 119 DoS Exec Code Overflow Mem. Corr. 2015-05-13 2017-01-03
10.0
None Remote Low Not required Complete Complete Complete
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3070, and CVE-2015-3076.
Total number of vulnerabilities : 970   Page : 1 2 3 4 5 6 7 8 9 10 11 (This Page)12 13 14 15 16 17 18 19 20
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.