Apple macOS vulnerabilities

3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs

3,139

CISA KEV

actively exploited

Public exploits

277

Exploited in wild

Severity breakdown

CRITICAL302HIGH1409MEDIUM1236LOW192

Vulnerabilities

Page 89 of 157

CVE-2015-5933MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-5933 [MEDIUM] CWE-119 CVE-2015-5933: Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a deni Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, a different vulnerability than CVE-2015-5934.

nvd

CVE-2015-7006MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-7006 [MEDIUM] CWE-22 CVE-2015-7006: Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9 Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.

nvd

CVE-2015-6985MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-6985 [MEDIUM] CWE-119 CVE-2015-6985: Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web page.

nvd

CVE-2015-6989MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-6989 [MEDIUM] CWE-119 CVE-2015-6989: Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls.

nvd

CVE-2015-7020MEDIUMCVSS 5.6≤ 10.11.02015-10-23

CVE-2015-7020 [MEDIUM] CVE-2015-7020: The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a different vulnerability than CVE-2015-7019.

nvd

CVE-2015-7019MEDIUMCVSS 5.6≤ 10.11.02015-10-23

CVE-2015-7019 [MEDIUM] CWE-119 CVE-2015-7019: The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via unspecified vectors, a different vulnerability than CVE-2015-7020.

nvd

CVE-2015-5939MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-5939 [MEDIUM] CVE-2015-5939: ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attacke ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and CVE-2015-5937.

nvd

CVE-2015-6978MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-6978 [MEDIUM] CVE-2015-6978: FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018.

nvd

CVE-2015-5925MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-5925 [MEDIUM] CWE-119 CVE-2015-5925: The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 al The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5926.

nvd

CVE-2015-7018MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-7018 [MEDIUM] CVE-2015-7018: FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, and CVE-2015-7010.

nvd

CVE-2015-5937MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-5937 [MEDIUM] CVE-2015-5937: ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attacke ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and CVE-2015-5939.

nvd

CVE-2015-5944MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-5944 [MEDIUM] CWE-119 CVE-2015-5944: CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a d CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

nvd

CVE-2015-7009MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-7009 [MEDIUM] CVE-2015-7009: FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7010, and CVE-2015-7018.

nvd

CVE-2015-5938MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-5938 [MEDIUM] CWE-119 CVE-2015-5938: ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a de ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image.

nvd

CVE-2015-7003MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-7003 [MEDIUM] CWE-264 CVE-2015-7003: coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize an unspecified data structure, coreaudiod in Audio in Apple OS X before 10.11.1 does not initialize an unspecified data structure, which allows attackers to execute arbitrary code via a crafted app.

nvd

CVE-2015-6991MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-6991 [MEDIUM] CVE-2015-6991: FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018.

nvd

CVE-2015-6990MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-6990 [MEDIUM] CVE-2015-6990: FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018.

nvd

CVE-2015-7010MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-7010 [MEDIUM] CVE-2015-7010: FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, and CVE-2015-7018.

nvd

CVE-2015-5940MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-5940 [MEDIUM] CWE-119 CVE-2015-5940: The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threa The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

nvd

CVE-2015-5936MEDIUMCVSS 6.8≤ 10.11.02015-10-23

CVE-2015-5936 [MEDIUM] CVE-2015-5936: ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attacke ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5937, and CVE-2015-5939.

nvd

← Previous89 / 157Next →