Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.8

    MEDIUM
    CVE-2015-3685

    CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %1.90
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3684

    The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %1.79
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-3683

    The Bluetooth HCI interface implementation in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %2.35
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3682

    Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-36... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %2.02
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3681

    Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-36... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %2.02
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3680

    Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3681, and CVE-2015-36... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %2.02
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3679

    Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3680, CVE-2015-3681, and CVE-2015-36... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %2.02
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-3678

    AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.16
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-3677

    The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.30
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-3676

    AppleGraphicsControl in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.30
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-3675

    The default configuration of the Apache HTTP Server on Apple OS X before 10.10.4 does not enable the mod_hfs_apple module, which allows remote attackers to bypass HTTP authentication via a crafted URL.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.32
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-3674

    afpserver in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %2.16
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-3673

    Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of writeconfig clients, which allows local users to obtain root privileges by moving and then modifying Directory Utility.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %6.03
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-3672

    Admin Framework in Apple OS X before 10.10.4 does not properly handle authentication errors, which allows local users to obtain admin privileges via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.04
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-3671

    Admin Framework in Apple OS X before 10.10.4 does not properly verify XPC entitlements, which allows local users to bypass authentication and obtain admin privileges via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.05
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3669

    QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3664 and CVE-2015-3665.... Read more

    Affected Products : quicktime mac_os_x
    • EPSS Score: %2.02
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3668

    QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than C... Read more

    Affected Products : quicktime mac_os_x
    • EPSS Score: %3.64
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3667

    QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than C... Read more

    Affected Products : quicktime mac_os_x
    • EPSS Score: %3.24
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3666

    QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than C... Read more

    Affected Products : quicktime mac_os_x
    • EPSS Score: %3.24
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-3665

    QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3664 and CVE-2015-3669.... Read more

    Affected Products : quicktime
    • EPSS Score: %2.02
    • Published: Jul. 03, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291002 Results