Max CVSS 9.3 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-3807 4.3
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.
08-03-2019 - 16:06 17-08-2015 - 00:00
CVE-2015-3746 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 18:24 16-08-2015 - 23:59
CVE-2015-3744 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 18:17 16-08-2015 - 23:59
CVE-2015-3745 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 18:17 16-08-2015 - 23:59
CVE-2015-3743 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 18:16 16-08-2015 - 23:59
CVE-2015-3742 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 18:14 16-08-2015 - 23:59
CVE-2015-3741 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 18:08 16-08-2015 - 23:59
CVE-2015-3739 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 17:45 16-08-2015 - 23:59
CVE-2015-3740 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 17:45 16-08-2015 - 23:59
CVE-2015-3738 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 17:44 16-08-2015 - 23:59
CVE-2015-3737 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 17:42 16-08-2015 - 23:59
CVE-2015-3736 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 17:36 16-08-2015 - 23:59
CVE-2015-3735 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 17:22 16-08-2015 - 23:59
CVE-2015-3734 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 17:14 16-08-2015 - 23:59
CVE-2015-3733 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 16:58 16-08-2015 - 23:59
CVE-2015-3732 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 16:47 16-08-2015 - 23:59
CVE-2015-3731 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 16:46 16-08-2015 - 23:59
CVE-2015-3730 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
08-02-2019 - 16:41 16-08-2015 - 23:59
CVE-2015-3729 4.3
Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not indicate what web site originated an input prompt, which allows remote attackers to conduct spoofing attacks via a crafted sit
08-02-2019 - 16:22 16-08-2015 - 23:59
CVE-2015-3747 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
07-02-2019 - 20:17 16-08-2015 - 23:59
CVE-2015-3751 5.0
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with
07-02-2019 - 19:52 16-08-2015 - 23:59
CVE-2015-3752 5.0
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allow
07-02-2019 - 19:52 16-08-2015 - 23:59
CVE-2015-3750 6.4
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not enforce the HTTP Strict Transport Security (HSTS) protection mechanism for Content Security Policy (CSP) report requ
07-02-2019 - 19:51 16-08-2015 - 23:59
CVE-2015-3753 5.0
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly perform taint checking for CANVAS elements, which allows remote attackers to bypass the Same Origin Policy
07-02-2019 - 19:51 16-08-2015 - 23:59
CVE-2015-3755 4.3
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.
07-02-2019 - 19:51 16-08-2015 - 23:59
CVE-2015-3748 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
07-02-2019 - 19:47 16-08-2015 - 23:59
CVE-2015-3749 6.8
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
07-02-2019 - 19:45 16-08-2015 - 23:59
CVE-2015-3796 7.5
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a differen
16-09-2017 - 01:29 17-08-2015 - 00:00
CVE-2014-0191 4.3
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless
29-08-2017 - 01:34 21-01-2015 - 14:59
CVE-2015-3756 2.1
The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust relationships by completing a dialog.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3758 4.3
UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3759 4.6
Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions on filesystem modification via a symlink.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3763 4.3
Safari in Apple iOS before 8.4.1 does not limit the rate of JavaScript alert messages, which allows remote attackers to cause a denial of service (apparent browser locking) via a crafted web site.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3766 4.3
The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3768 9.3
Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3776 9.3
IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3778 3.3
bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3782 4.3
CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3784 5.0
Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3793 4.3
CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3795 9.3
libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3797 7.5
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a differen
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3798 7.5
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a differen
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3800 7.2
The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3802 7.2
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3803 7.2
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3804 7.5
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-575
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3805 7.2
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3806 7.2
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5746 5.0
AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via an afc command that leverages symlink mishandling.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5749 4.3
The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5752 5.0
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5755 6.8
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5756 6.8
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-380
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5757 9.3
libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a crafted syscall to interfere with locking.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5758 6.8
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5759 5.0
WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clicks via a crafted web site that leverages tap events.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5761 6.8
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5766 5.0
Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5769 7.1
The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to cause a denial of service (device crash) via a crafted video.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5770 5.8
MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows attackers to replace arbitrary extensions via a crafted enterprise app.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5773 6.8
QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted office document.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5774 7.2
Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5775 7.5
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-380
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5776 7.5
Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5777 6.8
CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE
24-12-2016 - 02:59 17-08-2015 - 00:01
CVE-2015-5778 6.8
CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE
24-12-2016 - 02:59 17-08-2015 - 00:01
CVE-2015-5781 4.3
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image.
24-12-2016 - 02:59 17-08-2015 - 00:01
CVE-2015-5782 4.3
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.
24-12-2016 - 02:59 17-08-2015 - 00:01
CVE-2014-3660 5.0
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing
08-12-2016 - 03:05 04-11-2014 - 16:55
CVE-2015-5787 4.3
The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows attackers to bypass background-execution limitations via a crafted app.
23-11-2015 - 15:36 22-11-2015 - 03:59
Back to Top Mark selected
Back to Top