WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application.
Max CVSS
10.0
EPSS Score
0.15%
Published
2014-04-23
Updated
2014-04-24
The Intel Graphics Driver in Apple OS X through 10.9.2 does not properly validate a certain pointer, which allows attackers to execute arbitrary code via a crafted application.
Max CVSS
10.0
EPSS Score
0.18%
Published
2014-04-23
Updated
2014-04-23
Intel Graphics Driver in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenGL API call, which allows attackers to execute arbitrary code via a crafted application.
Max CVSS
10.0
EPSS Score
0.45%
Published
2014-07-01
Updated
2015-11-20
Intel Compute in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenCL API call, which allows attackers to execute arbitrary code via a crafted application.
Max CVSS
10.0
EPSS Score
0.45%
Published
2014-07-01
Updated
2015-11-20
Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application.
Max CVSS
10.0
EPSS Score
0.55%
Published
2014-07-01
Updated
2015-11-20
Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
Max CVSS
10.0
EPSS Score
0.30%
Published
2014-07-01
Updated
2015-11-20
IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly handle resource lists and IOService userclient types, which allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted app.
Max CVSS
10.0
EPSS Score
0.80%
Published
2015-01-30
Updated
2019-03-08
Buffer overflow in IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows attackers to execute arbitrary code in a privileged context via a crafted app.
Max CVSS
10.0
EPSS Score
1.51%
Published
2015-01-30
Updated
2019-03-08
IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly validate resource-queue metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
Max CVSS
10.0
EPSS Score
2.08%
Published
2015-01-30
Updated
2019-03-08
IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly initialize event queues, which allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
Max CVSS
10.0
EPSS Score
2.08%
Published
2015-01-30
Updated
2019-03-08
The kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not enforce the read-only attribute of a shared memory segment during use of a custom cache mode, which allows attackers to bypass intended access restrictions via a crafted app.
Max CVSS
10.0
EPSS Score
2.19%
Published
2015-01-30
Updated
2019-03-08
Integer signedness error in IOBluetoothFamily in the Bluetooth implementation in Apple OS X before 10.10 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (write to kernel memory) via a crafted app.
Max CVSS
10.0
EPSS Score
0.57%
Published
2015-01-30
Updated
2015-11-30
coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected data types are present in XPC messages, which allows attackers to execute arbitrary code in a privileged context via a crafted app, as demonstrated by lack of verification of xpc_dictionary_get_value API return values during handling of a (1) match_mmap_archives, (2) delete_mmap_archives, (3) write_mmap_archive, or (4) read_mmap_archive command.
Max CVSS
10.0
EPSS Score
1.08%
Published
2015-01-30
Updated
2017-09-08
IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel context or cause a denial of service (write to kernel memory) via a crafted app that calls an unspecified user-client method.
Max CVSS
10.0
EPSS Score
0.61%
Published
2015-01-30
Updated
2017-09-08
The kernel in Apple OS X before 10.10.2 does not properly validate IODataQueue object metadata fields, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
Max CVSS
10.0
EPSS Score
0.61%
Published
2015-01-30
Updated
2017-09-08
The Bluetooth driver in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (arbitrary-size bzero of kernel memory) via a crafted app.
Max CVSS
10.0
EPSS Score
1.01%
Published
2015-01-30
Updated
2017-09-08
Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.
Max CVSS
10.0
EPSS Score
1.64%
Published
2015-01-10
Updated
2016-10-18
CVE-2015-0235
Public exploit
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
Max CVSS
10.0
EPSS Score
97.52%
Published
2015-01-28
Updated
2022-07-05
Off-by-one error in IOAcceleratorFamily in Apple OS X through 10.10.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.
Max CVSS
10.0
EPSS Score
0.59%
Published
2015-03-12
Updated
2015-09-11
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.
Max CVSS
10.0
EPSS Score
0.04%
Published
2015-04-10
Updated
2019-01-31
The TLS Handshake Protocol implementation in Secure Transport in Apple OS X before 10.11 accepts a Certificate Request message within a session in which no Server Key Exchange message has been sent, which allows remote attackers to have an unspecified impact via crafted TLS data.
Max CVSS
10.0
EPSS Score
0.65%
Published
2015-10-09
Updated
2016-12-08
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896.
Max CVSS
10.0
EPSS Score
0.04%
Published
2015-09-18
Updated
2016-12-22
Unspecified vulnerability in International Components for Unicode (ICU) before 53.1.0, as used in Apple OS X before 10.11 and watchOS before 2, has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.89%
Published
2015-10-09
Updated
2019-04-23
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement.
Max CVSS
10.0
EPSS Score
3.61%
Published
2015-10-23
Updated
2016-12-24
The File Bookmark component in Apple OS X before 10.11.2 allows attackers to bypass a sandbox protection mechanism for app scoped bookmarks via a crafted pathname.
Max CVSS
10.0
EPSS Score
0.35%
Published
2015-12-11
Updated
2017-09-13