| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code by leveraging improper EScript exception handling, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, and CVE-2015-7621. |
| Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7092. |
| libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7115. |
| libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116. |
| WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7102. |
| WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7103. |
| The protected range register in the EFI component in Apple OS X before 10.11 has an incorrect value, which allows attackers to cause a denial of service (boot failure) via a crafted app that writes to an unintended address. |
| WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7102, and CVE-2015-7103. |
| WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. |
| WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. |
| WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. |
| Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake. |
| dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app. |
| The File Bookmark component in Apple OS X before 10.11.2 allows attackers to bypass a sandbox protection mechanism for app scoped bookmarks via a crafted pathname. |
| Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability than CVE-2015-7069. |
| Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability than CVE-2015-7070. |
| IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to cause a denial of service (NULL pointer dereference) via an unspecified userclient type. |
| otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049. |
| IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern. |
| AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 does not prevent changes to access-control structures, which allows attackers to execute arbitrary code in a privileged context via a crafted app. |
