Mac Os X Security Vulnerabilities and Issues — Mac Os X CVE List

Lucene search

AppleMac Os X

37 matches found

CVE•added 2015/05/21 12:59 a.m.•1135 views

CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then ...

4.3CVSS4.8AI score0.93905EPSS

CVE•added 2015/05/01 3:59 p.m.•112 views

CVE-2015-3153

The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents.

5CVSS8.2AI score0.04909EPSS

CVE•added 2015/05/25 10:59 p.m.•110 views

CVE-2014-8146

The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (he...

7.5CVSS9.5AI score0.40134EPSS

CVE•added 2015/05/25 10:59 p.m.•102 views

CVE-2014-8147

The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service...

7.5CVSS9.4AI score0.4041EPSS

CVE•added 2015/05/13 10:59 a.m.•99 views

CVE-2015-3052

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE...

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•97 views

CVE-2014-9160

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code via unknown vectors.

10CVSS7.5AI score0.45307EPSS

CVE•added 2015/05/13 11:0 a.m.•75 views

CVE-2015-3072

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE...

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 10:59 a.m.•72 views

CVE-2015-3048

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unknown vectors.

10CVSS7.7AI score0.11897EPSS

CVE•added 2015/05/13 11:0 a.m.•72 views

CVE-2015-3073

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•71 views

CVE-2015-3066

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/28 1:59 a.m.•68 views

CVE-2015-1157

CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2...

7.8CVSS3.8AI score0.03098EPSS

CVE•added 2015/05/13 10:59 a.m.•68 views

CVE-2015-3055

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3059, and CVE-2015-3075.

7.5CVSS7.4AI score0.06245EPSS

CVE•added 2015/05/13 11:0 a.m.•68 views

CVE-2015-3074

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 10:59 a.m.•66 views

CVE-2015-3047

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors.

5CVSS6.3AI score0.03993EPSS

CVE•added 2015/05/13 10:59 a.m.•66 views

CVE-2015-3051

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•64 views

CVE-2015-3050

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•64 views

CVE-2015-3062

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•64 views

CVE-2015-3070

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•63 views

CVE-2015-3061

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE...

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 10:59 a.m.•63 views

CVE-2015-3064

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•63 views

CVE-2015-3071

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 10:59 a.m.•62 views

CVE-2015-3053

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3054, CVE-2015-3055, CVE-2015-3059, and CVE-2015-3075.

10CVSS7.4AI score0.06245EPSS

CVE•added 2015/05/13 11:0 a.m.•62 views

CVE-2015-3068

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•62 views

CVE-2015-3069

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•62 views

CVE-2015-3075

10CVSS7.4AI score0.06245EPSS

CVE•added 2015/05/13 10:59 a.m.•61 views

CVE-2015-3058

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors.

5CVSS5.9AI score0.05648EPSS

CVE•added 2015/05/13 10:59 a.m.•60 views

CVE-2015-3046

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 11:0 a.m.•60 views

CVE-2015-3065

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•60 views

CVE-2015-3067

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 10:59 a.m.•59 views

CVE-2015-3049

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•59 views

CVE-2015-3056

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•59 views

CVE-2015-3063

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•59 views

CVE-2015-3076

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•57 views

CVE-2015-3059

10CVSS7.4AI score0.06245EPSS

CVE•added 2015/05/13 10:59 a.m.•56 views

CVE-2015-3054

10CVSS7.4AI score0.06245EPSS

CVE•added 2015/05/13 10:59 a.m.•55 views

CVE-2015-3057

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•52 views

CVE-2015-3060

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE...

10CVSS6.4AI score0.31105EPSS