Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:apple:iphone_os:1.0.2
There are 2,248 matching records.
Displaying matches 1,681 through 1,700.
Vuln ID Summary CVSS Severity
CVE-2015-1112

Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, as used on iOS before 8.3 and other platforms, does not properly delete browsing-history data from the history.plist file, which allows attackers to obtain sensitive information by reading this file.

Published: April 10, 2015; 10:59:27 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-1111

Safari in Apple iOS before 8.3 does not delete Recently Closed Tabs data in response to a history-clearing action, which allows attackers to obtain sensitive information by reading a history file.

Published: April 10, 2015; 10:59:26 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-1110

The Podcasts component in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to discover unique identifiers by reading asset-download request data.

Published: April 10, 2015; 10:59:25 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-1109

NetworkExtension in Apple iOS before 8.3 stores credentials in VPN configuration logs, which makes it easier for physically proximate attackers to obtain sensitive information by reading a log file.

Published: April 10, 2015; 10:59:24 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2015-1108

The Lock Screen component in Apple iOS before 8.3 does not properly enforce the limit on incorrect passcode-authentication attempts, which makes it easier for physically proximate attackers to obtain access by making many passcode guesses.

Published: April 10, 2015; 10:59:23 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2015-1107

The Lock Screen component in Apple iOS before 8.3 does not properly implement the erasure feature for incorrect passcode-authentication attempts, which makes it easier for physically proximate attackers to obtain access by making many passcode guesses.

Published: April 10, 2015; 10:59:22 AM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2015-1106

The QuickType feature in the Keyboards subsystem in Apple iOS before 8.3 allows physically proximate attackers to discover passcodes by reading the lock screen during use of a Bluetooth keyboard.

Published: April 10, 2015; 10:59:21 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2015-1105

The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly implement the Urgent (aka out-of-band data) mechanism, which allows remote attackers to cause a denial of service via crafted packets.

Published: April 10, 2015; 10:59:20 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-1104

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly determine whether an IPv6 packet had a local origin, which allows remote attackers to bypass an intended network-filtering protection mechanism via a crafted packet.

Published: April 10, 2015; 10:59:20 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-1103

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a crafted ICMP packet.

Published: April 10, 2015; 10:59:19 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1102

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors.

Published: April 10, 2015; 10:59:18 AM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2015-1101

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: April 10, 2015; 10:59:17 AM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2015-1100

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app.

Published: April 10, 2015; 10:59:16 AM -0400
V3.x:(not available)
V2.0: 5.4 MEDIUM
CVE-2015-1099

Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service via a crafted app.

Published: April 10, 2015; 10:59:15 AM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2015-1098

iWork in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.

Published: April 10, 2015; 10:59:14 AM -0400
V3.1: 7.3 HIGH
V2.0: 6.8 MEDIUM
CVE-2015-1097

IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.

Published: April 10, 2015; 10:59:13 AM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2015-1096

IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.

Published: April 10, 2015; 10:59:12 AM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2015-1095

IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HID device.

Published: April 10, 2015; 10:59:11 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2015-1094

IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.

Published: April 10, 2015; 10:59:10 AM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2015-1093

FontParser in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

Published: April 10, 2015; 10:59:09 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM