Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:apple:iphone_os:5.0.1:-:ipodtouch
There are 2,065 matching records.
Displaying matches 1,261 through 1,280.
Vuln ID Summary CVSS Severity
CVE-2016-1763

Messages in Apple iOS before 9.3 does not ensure that an auto-fill action applies to the intended message thread, which allows remote authenticated users to obtain sensitive information by providing a crafted sms: URL and reading a thread.

Published: March 23, 2016; 9:59:31 PM -0400
V3.0: 3.5 LOW
V2.0: 3.5 LOW
CVE-2016-1762

The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

Published: March 23, 2016; 9:59:30 PM -0400
V3.0: 8.1 HIGH
V2.0: 5.8 MEDIUM
CVE-2016-1761

libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

Published: March 23, 2016; 9:59:29 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2016-1758

The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app.

Published: March 23, 2016; 9:59:27 PM -0400
V3.0: 3.3 LOW
V2.0: 4.3 MEDIUM
CVE-2016-1757

Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.

Published: March 23, 2016; 9:59:26 PM -0400
V3.0: 7.0 HIGH
V2.0: 9.3 HIGH
CVE-2016-1756

The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

Published: March 23, 2016; 9:59:25 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-1755

The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.

Published: March 23, 2016; 9:59:24 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-1754

The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1755.

Published: March 23, 2016; 9:59:23 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-1753

Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app.

Published: March 23, 2016; 9:59:23 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-1752

The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to cause a denial of service via a crafted app.

Published: March 23, 2016; 9:59:22 PM -0400
V3.0: 5.5 MEDIUM
V2.0: 7.1 HIGH
CVE-2016-1751

The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not properly restrict the execute permission, which allows attackers to bypass a code-signing protection mechanism via a crafted app.

Published: March 23, 2016; 9:59:21 PM -0400
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-1750

Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.

Published: March 23, 2016; 9:59:20 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-1748

IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

Published: March 23, 2016; 9:59:18 PM -0400
V3.0: 3.3 LOW
V2.0: 4.3 MEDIUM
CVE-2016-1740

FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.

Published: March 23, 2016; 9:59:11 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-1734

AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted USB device.

Published: March 23, 2016; 9:59:07 PM -0400
V3.0: 6.8 MEDIUM
V2.0: 7.2 HIGH
CVE-2016-1950

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

Published: March 13, 2016; 2:59:00 PM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-0802

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181.

Published: February 06, 2016; 8:59:01 PM -0500
V3.0: 8.8 HIGH
V2.0: 8.3 HIGH
CVE-2016-0801

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.

Published: February 06, 2016; 8:59:00 PM -0500
V3.0: 9.8 CRITICAL
V2.0: 8.3 HIGH
CVE-2016-1730

WebSheet in Apple iOS before 9.2.1 allows remote attackers to read or write to cookies by operating a crafted captive portal.

Published: February 01, 2016; 6:59:14 AM -0500
V3.0: 5.4 MEDIUM
V2.0: 5.8 MEDIUM
CVE-2016-1728

The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the "a:visited button" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web site.

Published: February 01, 2016; 6:59:13 AM -0500
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM