Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mac os x 10.10.4 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-3677
The LZVN compression feature in AppleFSCompression in Apple OS X prior to 10.10.4 allows malicious users to obtain sensitive memory-layout information for the kernel via a crafted app.
Apple Mac Os X
6.9
CVSSv2
CVE-2015-3709
Race condition in kext tools in Apple OS X prior to 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation.
Apple Mac Os X
5
CVSSv2
CVE-2015-3714
Apple OS X prior to 10.10.4 does not properly consider custom resource rules during app signature verification, which allows malicious users to bypass intended launch restrictions via a modified app.
Apple Mac Os X
7.2
CVSSv2
CVE-2015-3671
Admin Framework in Apple OS X prior to 10.10.4 does not properly verify XPC entitlements, which allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
Apple Mac Os X
4.3
CVSSv2
CVE-2015-3720
The kernel in Apple OS X prior to 10.10.4 does not properly manage memory in kernel-extension APIs, which allows malicious users to obtain sensitive memory-layout information via a crafted app.
Apple Mac Os X
5
CVSSv2
CVE-2015-3675
The default configuration of the Apache HTTP Server on Apple OS X prior to 10.10.4 does not enable the mod_hfs_apple module, which allows remote malicious users to bypass HTTP authentication via a crafted URL.
Apple Mac Os X
9.3
CVSSv2
CVE-2015-3683
The Bluetooth HCI interface implementation in Apple OS X prior to 10.10.4 allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Apple Mac Os X
9.3
CVSSv2
CVE-2015-3712
The NVIDIA graphics driver in Apple OS X prior to 10.10.4 allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app.
Apple Mac Os X
6.8
CVSSv2
CVE-2015-3715
The code-signing implementation in Apple OS X prior to 10.10.4 does not properly consider libraries that are external to an application bundle, which allows malicious users to bypass intended launch restrictions via a crafted library.
Apple Mac Os X
9.3
CVSSv2
CVE-2015-3707
The FireWire driver in IOFireWireFamily in Apple OS X prior to 10.10.4 allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
Apple Mac Os X
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »