Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2015-1143

    LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-1142

    LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service (Finder crash) via crafted localization data.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 4.9

    MEDIUM
    CVE-2015-1141

    The mach_vm_read functionality in the kernel in Apple OS X before 10.10.3 allows local users to cause a denial of service (system crash) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-1140

    Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-1139

    ImageIO in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .sgi file.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 4.9

    MEDIUM
    CVE-2015-1138

    Hypervisor in Apple OS X before 10.10.3 allows local users to cause a denial of service via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-1137

    The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via an unspecified IOService userclient type.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-1136

    Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-1135

    fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1134.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-1134

    fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1135.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-1133

    fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-1132

    fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-1131

    fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-1130

    The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • Actively Exploited
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-1129

    Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 does not properly select X.509 client certificates, which makes it easier for remote attackers to track users via a crafted web site.... Read more

    Affected Products : iphone_os safari
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-1128

    The private-browsing implementation in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 allows attackers to obtain sensitive browsing-history information via vectors involving push-notification requests.... Read more

    Affected Products : safari
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-1127

    The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.... Read more

    Affected Products : safari
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-1126

    WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vect... Read more

    Affected Products : iphone_os safari
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-1125

    The touch-events implementation in WebKit in Apple iOS before 8.3 allows remote attackers to trigger an association between a tap and an unintended web resource via a crafted web site.... Read more

    Affected Products : iphone_os
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-1124

    WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) v... Read more

    Affected Products : itunes iphone_os tvos safari
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 292803 Results