Mac Os X Security Vulnerabilities and Issues — Mac Os X CVE List

Lucene search

AppleMac Os X

9 matches found

CVE•added 2016/01/14 10:59 p.m.•3144 views

CVE-2016-0777

The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

6.5CVSS6.4AI score0.79763EPSS

CVE•added 2016/01/14 10:59 p.m.•1893 views

CVE-2016-0778

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-...

8.1CVSS7.3AI score0.02711EPSS

CVE•added 2016/01/21 3:59 p.m.•168 views

CVE-2015-8472

Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a smal...

7.5CVSS7.4AI score0.04755EPSS

CVE•added 2016/01/12 7:59 p.m.•63 views

CVE-2015-8659

The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.

10CVSS7.2AI score0.02313EPSS

CVE•added 2016/01/31 6:59 p.m.•59 views

CVE-2016-1941

The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.

6.1CVSS7.2AI score0.00248EPSS

CVE•added 2016/01/10 3:59 a.m.•56 views

CVE-2015-7115

libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116.

4.3CVSS4.8AI score0.00871EPSS

CVE•added 2016/01/11 11:59 a.m.•44 views

CVE-2015-6980

Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.

7.8CVSS6.2AI score0.00039EPSS

CVE•added 2016/01/10 3:59 a.m.•43 views

CVE-2015-7116

4.3CVSS4.8AI score0.00871EPSS

CVE•added 2016/01/11 11:59 a.m.•41 views

CVE-2015-7024

Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass intended Gatekeeper restrictions and gain privileges via a Trojan horse program that is loaded from an unexpected directory by an application that has a valid Apple digital signature.

6.9CVSS5.8AI score0.00062EPSS