CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Mac Os X : Security Vulnerabilities Published In 2015 (Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2015-8242 119 DoS Overflow +Info 2015-12-15 2017-09-13
5.8
None Remote Medium Not required Partial None Partial
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
2 CVE-2015-8126 119 DoS Overflow 2015-11-12 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
3 CVE-2015-8035 399 DoS 2015-11-18 2017-09-13
2.6
None Remote High Not required None None Partial
The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.
4 CVE-2015-7995 DoS 2015-11-17 2017-12-08
5.0
None Remote Low Not required None None Partial
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
5 CVE-2015-7942 119 DoS Overflow 2015-11-18 2017-09-13
6.8
None Remote Medium Not required Partial Partial Partial
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.
6 CVE-2015-7804 189 DoS 2015-12-11 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive.
7 CVE-2015-7803 DoS 2015-12-11 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist.
8 CVE-2015-7760 399 DoS 2015-10-09 2016-12-07
5.0
None Remote Low Not required None None Partial
libxpc in launchd in Apple OS X before 10.11 does not restrict the creation of processes for network connections, which allows remote attackers to cause a denial of service (resource consumption) by repeatedly connecting to the SSH port, a different vulnerability than CVE-2015-7761.
9 CVE-2015-7500 119 DoS Overflow 2015-12-15 2017-09-13
5.0
None Remote Low Not required None None Partial
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
10 CVE-2015-7112 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
9.3
None Remote Medium Not required Complete Complete Complete
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111.
11 CVE-2015-7111 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
9.3
None Remote Medium Not required Complete Complete Complete
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7112.
12 CVE-2015-7110 119 DoS Overflow +Priv Mem. Corr. 2015-12-11 2017-09-12
6.9
None Local Medium Not required Complete Complete Complete
The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.
13 CVE-2015-7109 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
9.3
None Remote Medium Not required Complete Complete Complete
IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
14 CVE-2015-7108 119 DoS Overflow +Priv Mem. Corr. 2015-12-11 2017-09-12
7.2
Admin Local Low Not required Complete Complete Complete
The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
15 CVE-2015-7107 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.
16 CVE-2015-7106 119 DoS Overflow +Priv Mem. Corr. 2015-12-11 2017-09-12
7.2
Admin Local Low Not required Complete Complete Complete
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
17 CVE-2015-7105 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
18 CVE-2015-7084 119 DoS Overflow +Priv Mem. Corr. 2015-12-11 2017-09-12
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.
19 CVE-2015-7083 119 DoS Overflow +Priv Mem. Corr. 2015-12-11 2017-09-12
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.
20 CVE-2015-7077 119 DoS Overflow +Priv 2015-12-11 2017-09-12
7.2
None Local Low Not required Complete Complete Complete
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors.
21 CVE-2015-7076 DoS +Priv 2015-12-11 2017-09-12
7.2
None Local Low Not required Complete Complete Complete
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
22 CVE-2015-7075 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
23 CVE-2015-7074 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
24 CVE-2015-7073 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake.
25 CVE-2015-7068 DoS Exec Code 2015-12-11 2017-09-12
9.3
Admin Remote Medium Not required Complete Complete Complete
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.
26 CVE-2015-7067 DoS 2015-12-11 2017-09-12
2.1
None Local Low Not required None None Partial
IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to cause a denial of service (NULL pointer dereference) via an unspecified userclient type.
27 CVE-2015-7066 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7064.
28 CVE-2015-7065 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
29 CVE-2015-7064 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7066.
30 CVE-2015-7061 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060.
31 CVE-2015-7060 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7061.
32 CVE-2015-7059 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061.
33 CVE-2015-7053 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-12
6.8
None Remote Medium Not required Partial Partial Partial
ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.
34 CVE-2015-7043 DoS 2015-12-11 2017-09-12
4.3
None Remote Medium Not required None None Partial
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042.
35 CVE-2015-7042 DoS 2015-12-11 2017-09-12
4.3
None Remote Medium Not required None None Partial
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043.
36 CVE-2015-7041 DoS 2015-12-11 2017-09-12
4.3
None Remote Medium Not required None None Partial
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043.
37 CVE-2015-7040 DoS 2015-12-11 2017-09-12
4.3
None Remote Medium Not required None None Partial
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043.
38 CVE-2015-7036 20 DoS Exec Code 2015-11-21 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument.
39 CVE-2015-7021 119 DoS Overflow +Priv Mem. Corr. 2015-10-23 2015-10-26
7.2
None Local Low Not required Complete Complete Complete
The Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to gain privileges or cause a denial of service (kernel memory corruption) via unspecified vectors.
40 CVE-2015-7020 119 DoS Overflow +Info 2015-10-23 2015-10-26
5.6
None Local Low Not required Partial None Complete
The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a different vulnerability than CVE-2015-7019.
41 CVE-2015-7019 119 DoS Overflow +Info 2015-10-23 2015-10-26
5.6
None Local Low Not required Partial None Complete
The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a different vulnerability than CVE-2015-7020.
42 CVE-2015-7018 119 DoS Exec Code Overflow Mem. Corr. 2015-10-23 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, and CVE-2015-7010.
43 CVE-2015-7017 119 DoS Exec Code Overflow Mem. Corr. 2015-10-23 2016-12-23
7.5
None Remote Low Not required Partial Partial Partial
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992.
44 CVE-2015-7013 119 DoS Exec Code Overflow Mem. Corr. 2015-10-23 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5.
45 CVE-2015-7010 119 DoS Exec Code Overflow Mem. Corr. 2015-10-23 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, and CVE-2015-7018.
46 CVE-2015-7009 119 DoS Exec Code Overflow Mem. Corr. 2015-10-23 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7010, and CVE-2015-7018.
47 CVE-2015-7008 119 DoS Exec Code Overflow Mem. Corr. 2015-10-23 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018.
48 CVE-2015-6996 119 DoS Exec Code Overflow Mem. Corr. 2015-10-23 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
49 CVE-2015-6995 119 DoS Exec Code Overflow Mem. Corr. 2015-10-23 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
50 CVE-2015-6994 399 DoS 2015-10-23 2016-12-23
7.1
None Remote Medium Not required None None Complete
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app.
Total number of vulnerabilities : 225   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.