National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:apple:iphone_os:8.0.1
There are 1,472 matching records.
Displaying matches 1261 through 1280.
Vuln ID Summary CVSS Severity
CVE-2015-5776

Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.

Published: August 16, 2015; 08:00:59 PM -04:00
    V2: 7.5 HIGH
CVE-2015-5775

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.

Published: August 16, 2015; 08:00:58 PM -04:00
    V2: 7.5 HIGH
CVE-2015-5774

Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.

Published: August 16, 2015; 08:00:57 PM -04:00
    V2: 7.2 HIGH
CVE-2015-5773

QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted office document.

Published: August 16, 2015; 08:00:55 PM -04:00
    V2: 6.8 MEDIUM
CVE-2015-5770

MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows attackers to replace arbitrary extensions via a crafted enterprise app.

Published: August 16, 2015; 08:00:51 PM -04:00
    V2: 5.8 MEDIUM
CVE-2015-5769

The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to cause a denial of service (device crash) via a crafted video.

Published: August 16, 2015; 08:00:49 PM -04:00
    V2: 7.1 HIGH
CVE-2015-5766

Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling.

Published: August 16, 2015; 08:00:47 PM -04:00
    V2: 5.0 MEDIUM
CVE-2015-5761

CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.

Published: August 16, 2015; 08:00:44 PM -04:00
    V2: 6.8 MEDIUM
CVE-2015-5759

WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clicks via a crafted web site that leverages tap events.

Published: August 16, 2015; 08:00:42 PM -04:00
    V2: 5.0 MEDIUM
CVE-2015-5758

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.

Published: August 16, 2015; 08:00:41 PM -04:00
    V2: 6.8 MEDIUM
CVE-2015-5757

libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a crafted syscall to interfere with locking.

Published: August 16, 2015; 08:00:39 PM -04:00
    V2: 9.3 HIGH
CVE-2015-5756

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5775.

Published: August 16, 2015; 08:00:38 PM -04:00
    V2: 6.8 MEDIUM
CVE-2015-5755

CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.

Published: August 16, 2015; 08:00:36 PM -04:00
    V2: 6.8 MEDIUM
CVE-2015-5752

Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.

Published: August 16, 2015; 08:00:32 PM -04:00
    V2: 5.0 MEDIUM
CVE-2015-5749

The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.

Published: August 16, 2015; 08:00:28 PM -04:00
    V2: 4.3 MEDIUM
CVE-2015-5748

The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume.

Published: August 16, 2015; 08:00:27 PM -04:00
    V2: 2.1 LOW
CVE-2015-5746

AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via an afc command that leverages symlink mishandling.

Published: August 16, 2015; 08:00:24 PM -04:00
    V2: 5.0 MEDIUM
CVE-2015-3807

libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.

Published: August 16, 2015; 08:00:22 PM -04:00
    V2: 4.3 MEDIUM
CVE-2015-3806

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file.

Published: August 16, 2015; 08:00:21 PM -04:00
    V2: 7.2 HIGH
CVE-2015-3805

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802.

Published: August 16, 2015; 08:00:19 PM -04:00
    V2: 7.2 HIGH