Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2015-3725

    MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service (ID collision and Watch launch outage) via a crafted universal provisioning profile app.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.60
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3724

    CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3723.... Read more

    Affected Products : iphone_os
    • EPSS Score: %1.18
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3723

    CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3724.... Read more

    Affected Products : iphone_os
    • EPSS Score: %1.18
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-3722

    Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service (ID collision and launch outage) via a crafted universal provisioning profile app.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.60
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-3721

    The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %0.58
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-3720

    The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.30
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3719

    TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %1.40
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3718

    systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app, rela... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.18
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-3717

    Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.... Read more

    Affected Products : mac_os_x iphone_os sqlite
    • EPSS Score: %1.44
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 4.4

    MEDIUM
    CVE-2015-3716

    Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.14
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3715

    The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.57
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-3714

    Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.29
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3713

    QuickTime in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted movie file.... Read more

    Affected Products : quicktime mac_os_x
    • EPSS Score: %1.40
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-3712

    The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.04
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-3711

    The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.30
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-3710

    Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %0.52
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.9

    MEDIUM
    CVE-2015-3709

    Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.04
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2015-3708

    kextd in kext tools in Apple OS X before 10.10.4 allows attackers to write to arbitrary files via a crafted app that conducts a symlink attack.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.50
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-3707

    The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %2.20
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-3706

    IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3705.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.13
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291002 Results