CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Mac Os X : Security Vulnerabilities Published In 2015 (Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2015-7110 119 DoS Overflow +Priv Mem. Corr. 2015-12-11 2017-09-12
6.9
None Local Medium Not required Complete Complete Complete
The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.
2 CVE-2015-7108 119 DoS Overflow +Priv Mem. Corr. 2015-12-11 2017-09-12
7.2
Admin Local Low Not required Complete Complete Complete
The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
3 CVE-2015-7106 119 DoS Overflow +Priv Mem. Corr. 2015-12-11 2017-09-12
7.2
Admin Local Low Not required Complete Complete Complete
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
4 CVE-2015-7084 119 DoS Overflow +Priv Mem. Corr. 2015-12-11 2017-09-12
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.
5 CVE-2015-7083 119 DoS Overflow +Priv Mem. Corr. 2015-12-11 2017-09-12
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.
6 CVE-2015-7078 +Priv 2015-12-11 2017-09-12
7.2
None Local Low Not required Complete Complete Complete
Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects.
7 CVE-2015-7077 119 DoS Overflow +Priv 2015-12-11 2017-09-12
7.2
None Local Low Not required Complete Complete Complete
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors.
8 CVE-2015-7076 DoS +Priv 2015-12-11 2017-09-12
7.2
None Local Low Not required Complete Complete Complete
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
9 CVE-2015-7063 264 +Priv 2015-12-11 2017-09-12
7.2
Admin Local Low Not required Complete Complete Complete
The kernel loader in EFI in Apple OS X before 10.11.2 allows local users to gain privileges via a crafted pathname.
10 CVE-2015-7052 264 +Priv 2015-12-11 2017-09-12
7.2
Admin Local Low Not required Complete Complete Complete
kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors.
11 CVE-2015-7047 20 +Priv 2015-12-11 2017-09-12
7.2
Admin Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
12 CVE-2015-7021 119 DoS Overflow +Priv Mem. Corr. 2015-10-23 2015-10-26
7.2
None Local Low Not required Complete Complete Complete
The Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to gain privileges or cause a denial of service (kernel memory corruption) via unspecified vectors.
13 CVE-2015-7016 264 +Priv Bypass 2015-10-23 2015-10-26
7.6
None Remote High Not required Complete Complete Complete
The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted developer-signed app.
14 CVE-2015-5945 20 +Priv 2015-10-23 2015-10-26
7.2
None Local Low Not required Complete Complete Complete
The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters.
15 CVE-2015-5932 +Priv 2015-10-23 2015-10-26
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing.
16 CVE-2015-5903 119 DoS Overflow +Priv Mem. Corr. 2015-09-18 2016-12-21
10.0
None Remote Low Not required Complete Complete Complete
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896.
17 CVE-2015-5899 119 DoS Overflow +Priv Mem. Corr. 2015-09-18 2016-12-21
7.2
None Local Low Not required Complete Complete Complete
libpthread in the kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
18 CVE-2015-5897 264 +Priv 2015-10-09 2016-12-07
4.6
None Local Low Not required Partial Partial Partial
The Address Book framework in Apple OS X before 10.11 allows local users to gain privileges by using an environment variable to inject code into processes that rely on this framework.
19 CVE-2015-5896 119 DoS Overflow +Priv Mem. Corr. 2015-09-18 2016-12-21
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5903.
20 CVE-2015-5891 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-07
7.2
None Local Low Not required Complete Complete Complete
The SMB implementation in the kernel in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
21 CVE-2015-5890 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-07
7.2
None Local Low Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5872, and CVE-2015-5873.
22 CVE-2015-5877 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-09
7.2
None Local Low Not required Complete Complete Complete
The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5830.
23 CVE-2015-5873 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-09
7.2
None Local Low Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5872, and CVE-2015-5890.
24 CVE-2015-5872 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-09
7.2
None Local Low Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5873, and CVE-2015-5890.
25 CVE-2015-5871 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-09
7.2
None Local Low Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5872, CVE-2015-5873, and CVE-2015-5890.
26 CVE-2015-5868 119 DoS Overflow +Priv Mem. Corr. 2015-09-18 2016-12-21
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5896 and CVE-2015-5903.
27 CVE-2015-5847 119 DoS Overflow +Priv Mem. Corr. 2015-09-18 2016-12-21
7.2
None Local Low Not required Complete Complete Complete
The Disk Images component in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
28 CVE-2015-5830 119 DoS Overflow +Priv Mem. Corr. 2015-10-09 2016-12-09
7.2
None Local Low Not required Complete Complete Complete
The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5877.
29 CVE-2015-5774 119 Overflow +Priv 2015-08-16 2016-12-23
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.
30 CVE-2015-5763 119 DoS Overflow +Priv Mem. Corr. 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
ntfs in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
31 CVE-2015-3800 119 DoS Overflow +Priv Mem. Corr. 2015-08-16 2016-12-23
7.2
None Local Low Not required Complete Complete Complete
The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
32 CVE-2015-3777 119 Overflow +Priv 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages.
33 CVE-2015-3772 119 DoS Overflow +Priv Mem. Corr. 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771.
34 CVE-2015-3771 119 DoS Overflow +Priv Mem. Corr. 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3772.
35 CVE-2015-3769 119 DoS Overflow +Priv Mem. Corr. 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3771 and CVE-2015-3772.
36 CVE-2015-3767 264 DoS +Priv Mem. Corr. 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
37 CVE-2015-3761 264 +Priv 2015-08-16 2017-09-20
7.2
Admin Local Low Not required Complete Complete Complete
The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors.
38 CVE-2015-3760 20 +Priv 2015-08-16 2017-09-20
7.2
None Local Low Not required Complete Complete Complete
dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors.
39 CVE-2015-3702 119 Overflow +Priv 2015-07-02 2017-09-21
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3701.
40 CVE-2015-3701 119 Overflow +Priv 2015-07-02 2017-09-21
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3702.
41 CVE-2015-3700 119 Overflow +Priv 2015-07-02 2017-09-21
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3701, and CVE-2015-3702.
42 CVE-2015-3699 119 Overflow +Priv 2015-07-02 2017-09-21
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.
43 CVE-2015-3698 119 Overflow +Priv 2015-07-02 2017-09-21
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.
44 CVE-2015-3697 119 Overflow +Priv 2015-07-02 2017-09-21
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.
45 CVE-2015-3696 119 Overflow +Priv 2015-07-02 2017-09-21
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.
46 CVE-2015-3695 119 Overflow +Priv 2015-07-02 2017-09-21
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.
47 CVE-2015-3693 254 DoS +Priv Mem. Corr. 2015-07-02 2016-12-05
9.3
None Remote Medium Not required Complete Complete Complete
Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations.
48 CVE-2015-3678 77 DoS +Priv Mem. Corr. 2015-07-02 2017-09-21
7.2
Admin Local Low Not required Complete Complete Complete
AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands.
49 CVE-2015-1211 264 +Priv 2015-02-06 2017-09-07
7.5
None Remote Low Not required Partial Partial Partial
The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI.
50 CVE-2015-1144 119 Overflow +Priv 2015-04-10 2015-09-17
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the UniformTypeIdentifiers component in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted Uniform Type Identifier.
Total number of vulnerabilities : 63   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.