CVE-2015-3671

HIGH Year: 2015
CVSS v2 Score
7.2
High
Weakness Type
CWE-284
View all →

Vulnerability Description

Admin Framework in Apple OS X before 10.10.4 does not properly verify XPC entitlements, which allows local users to bypass authentication and obtain admin privileges via unspecified vectors.

Related Vulnerabilities

CVE-2015-2692

CRITICAL
CVSS:10.0(Critical)

AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites and to disable arbitrary blocking filters.

CWE-2842015

CVE-2016-1038

CRITICAL
CVSS:10.0(Critical)

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers...

CWE-2842016

CVE-2016-1041

CRITICAL
CVSS:10.0(Critical)

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers...

CWE-2842016

CVE-2016-1044

CRITICAL
CVSS:10.0(Critical)

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers...

CWE-2842016

CVE-2016-8938

CRITICAL
CVSS:10.0(Critical)

IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host cus...

CWE-2842016

CVE-2017-7928

CRITICAL
CVSS:10.0(Critical)

An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The de...

CWE-2842017