|
271981
|
- |
|
apple
|
quicktime
|
QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulne…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3765
|
2024-11-21 11:29 |
2015-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271982
|
- |
|
apple
|
mac_os_x
|
Notification Center in Apple OS X before 10.10.5 does not properly remove dismissed notifications, which allows attackers to read arbitrary notifications via a crafted app.
|
CWE-200
Information Exposure
|
CVE-2015-3764
|
2024-11-21 11:29 |
2015-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271983
|
- |
|
apple
|
iphone_os
|
Safari in Apple iOS before 8.4.1 does not limit the rate of JavaScript alert messages, which allows remote attackers to cause a denial of service (apparent browser locking) via a crafted web site.
|
CWE-19
Data Processing Errors
|
CVE-2015-3763
|
2024-11-21 11:29 |
2015-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271984
|
- |
|
apple
|
mac_os_x
|
The Text Formats component in Apple OS X before 10.10.5, as used in TextEdit, allows remote attackers to read arbitrary files via a text file containing an XML external entity declaration in conjunct…
|
CWE-200
Information Exposure
|
CVE-2015-3762
|
2024-11-21 11:29 |
2015-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271985
|
- |
|
apple
|
mac_os_x
|
The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3761
|
2024-11-21 11:29 |
2015-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271986
|
- |
|
apple
|
mac_os_x
|
dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2015-3760
|
2024-11-21 11:29 |
2015-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271987
|
- |
|
apple
|
iphone_os
|
Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions on filesystem modification via a symlink.
|
CWE-264
CWE-59
Permissions, Privileges, and Access Controls
Link Following
|
CVE-2015-3759
|
2024-11-21 11:29 |
2015-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271988
|
- |
|
apple
|
iphone_os
|
UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL.
|
CWE-20
Improper Input Validation
|
CVE-2015-3758
|
2024-11-21 11:29 |
2015-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271989
|
- |
|
apple
|
mac_os_x
|
Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane.
|
CWE-284
Improper Access Control
|
CVE-2015-3757
|
2024-11-21 11:29 |
2015-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271990
|
- |
|
apple
|
iphone_os
|
The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust…
|
CWE-254
7PK - Security Features
|
CVE-2015-3756
|
2024-11-21 11:29 |
2015-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
