Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2015-5932

    The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.07
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5931

    WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other We... Read more

    Affected Products : itunes safari
    • EPSS Score: %1.53
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5930

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabil... Read more

    Affected Products : itunes iphone_os safari
    • EPSS Score: %1.08
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5929

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabil... Read more

    Affected Products : itunes iphone_os safari
    • EPSS Score: %1.08
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5928

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabil... Read more

    Affected Products : itunes iphone_os safari
    • EPSS Score: %1.01
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5927

    FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5942.... Read more

    Affected Products : mac_os_x iphone_os watchos
    • EPSS Score: %1.87
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5926

    The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE... Read more

    Affected Products : mac_os_x iphone_os watchos
    • EPSS Score: %1.87
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5925

    The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE... Read more

    Affected Products : mac_os_x iphone_os watchos
    • EPSS Score: %1.87
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-5924

    The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %1.87
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-7035

    Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.62
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-7031

    The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP header configuration, which allows remote attackers to bypass intended access restrictions via unknown vectors.... Read more

    Affected Products : mac_os_x_server os_x_server
    • EPSS Score: %0.26
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-7030

    The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors.... Read more

    Affected Products : xcode
    • EPSS Score: %0.40
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-7022

    The Telephony subsystem in Apple iOS before 9.1 allows attackers to obtain sensitive call-status information via a crafted app.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.30
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-7017

    CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CV... Read more

    Affected Products : itunes mac_os_x iphone_os
    • EPSS Score: %2.13
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-7005

    WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2... Read more

    Affected Products : iphone_os
    • EPSS Score: %1.31
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 7.1

    HIGH
    CVE-2015-7004

    The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a crafted app.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.53
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-7000

    Notification Center in Apple iOS before 9.1 mishandles changes to "Show on Lock Screen" settings, which allows physically proximate attackers to obtain sensitive information by looking for a (1) Phone or (2) Messages notification on the lock screen soon a... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-6999

    The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.22
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6997

    The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints b... Read more

    Affected Products : iphone_os watchos
    • EPSS Score: %0.25
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-6992

    CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CV... Read more

    Affected Products : itunes mac_os_x iphone_os
    • EPSS Score: %2.13
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291779 Results