Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:apple:iphone_os:8.0.1
There are 1,998 matching records.
Displaying matches 1,781 through 1,800.
Vuln ID Summary CVSS Severity
CVE-2015-5789

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:08 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5788

The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element.

Published: September 18, 2015; 6:59:07 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-5767

The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspecified vectors, a different vulnerability than CVE-2015-5764 and CVE-2015-5765.

Published: September 18, 2015; 6:59:05 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-5765

The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspecified vectors, a different vulnerability than CVE-2015-5764 and CVE-2015-5767.

Published: September 18, 2015; 6:59:04 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-5764

The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspecified vectors, a different vulnerability than CVE-2015-5765 and CVE-2015-5767.

Published: September 18, 2015; 6:59:03 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-3801

The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors.

Published: September 18, 2015; 6:59:02 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-8611

The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.

Published: September 18, 2015; 6:59:00 AM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2015-5782

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.

Published: August 16, 2015; 8:01:08 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-5781

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image.

Published: August 16, 2015; 8:01:06 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-5778

CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5777.

Published: August 16, 2015; 8:01:03 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5777

CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5778.

Published: August 16, 2015; 8:01:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5776

Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.

Published: August 16, 2015; 8:00:59 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-5775

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.

Published: August 16, 2015; 8:00:58 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-5774

Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.

Published: August 16, 2015; 8:00:57 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2015-5773

QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted office document.

Published: August 16, 2015; 8:00:55 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5770

MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows attackers to replace arbitrary extensions via a crafted enterprise app.

Published: August 16, 2015; 8:00:51 PM -0400
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2015-5769

The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to cause a denial of service (device crash) via a crafted video.

Published: August 16, 2015; 8:00:49 PM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2015-5766

Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling.

Published: August 16, 2015; 8:00:47 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-5761

CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.

Published: August 16, 2015; 8:00:44 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5759

WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clicks via a crafted web site that leverages tap events.

Published: August 16, 2015; 8:00:42 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM