Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-3145 8Apple CanonicalDebian+5 more 9Curl Debian LinuxFedora+6 more May 6, 2026 Apr 24, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly hav...Show more The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.Show less
CVE-2015-3143 5Apple CanonicalDebian+2 more 6Curl Debian LinuxLibcurl+3 more May 6, 2026 Apr 24, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
CVE-2015-1148 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Screen Sharing in Apple OS X before 10.10.3 stores the password of a user in a log file, which might allow context-dependent attackers to obtain sensitive information by reading this file.
CVE-2015-1147 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in certain circumstances involving missing certificates, which allows remote attackers to obtain sensitive information by snif...Show more Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in certain circumstances involving missing certificates, which allows remote attackers to obtain sensitive information by sniffing the network.Show less
CVE-2015-1146 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 1.9 LOW· v2 The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE...Show more The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145.Show less
CVE-2015-1145 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 1.9 LOW· v2 The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE...Show more The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146.Show less
CVE-2015-1144 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in the UniformTypeIdentifiers component in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted Uniform Type Identifier.
CVE-2015-1143 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue.
CVE-2015-1142 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service (Finder crash) via crafted localization data.
CVE-2015-1141 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The mach_vm_read functionality in the kernel in Apple OS X before 10.10.3 allows local users to cause a denial of service (system crash) via unspecified vectors.
CVE-2015-1140 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors.
CVE-2015-1139 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 ImageIO in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .sgi file.
CVE-2015-1138 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Hypervisor in Apple OS X before 10.10.3 allows local users to cause a denial of service via unspecified vectors.
CVE-2015-1137 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via an unspecified IOService userclient type.
CVE-2015-1136 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex.
CVE-2015-1135 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1134...Show more fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1134.Show less
CVE-2015-1134 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1135...Show more fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1135.Show less
CVE-2015-1133 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135...Show more fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135.Show less
CVE-2015-1132 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 10.0 HIGH· v2 fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135...Show more fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.Show less
CVE-2015-1131 1Apple 1Mac Os X May 6, 2026 Apr 10, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135...Show more fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.Show less

Previous 1...102103104...161 Next