Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:apple:iphone_os:8.0.1
There are 1,997 matching records.
Displaying matches 1,861 through 1,880.
Vuln ID Summary CVSS Severity
CVE-2015-3726

The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card.

Published: July 02, 2015; 10:00:17 PM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2015-3725

MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service (ID collision and Watch launch outage) via a crafted universal provisioning profile app.

Published: July 02, 2015; 10:00:16 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-3724

CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3723.

Published: July 02, 2015; 10:00:15 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3723

CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3724.

Published: July 02, 2015; 10:00:14 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3722

Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service (ID collision and launch outage) via a crafted universal provisioning profile app.

Published: July 02, 2015; 10:00:13 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-3721

The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.

Published: July 02, 2015; 10:00:12 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-3719

TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.

Published: July 02, 2015; 10:00:10 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3717

Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

Published: July 02, 2015; 10:00:08 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-3710

Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.

Published: July 02, 2015; 10:00:02 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-3703

ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image.

Published: July 02, 2015; 9:59:56 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3694

FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719.

Published: July 02, 2015; 9:59:48 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3690

The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.

Published: July 02, 2015; 9:59:45 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-3689

CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688.

Published: July 02, 2015; 9:59:44 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3688

CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689.

Published: July 02, 2015; 9:59:43 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3687

CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689.

Published: July 02, 2015; 9:59:42 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3686

CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.

Published: July 02, 2015; 9:59:41 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3685

CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.

Published: July 02, 2015; 9:59:40 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3684

The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.

Published: July 02, 2015; 9:59:39 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3659

The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.

Published: July 02, 2015; 9:59:18 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3658

The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site.

Published: July 02, 2015; 9:59:17 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM