Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-3807 | 4.3 |
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.
|
08-03-2019 - 16:06 | 17-08-2015 - 00:00 | |
CVE-2015-3746 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 18:24 | 16-08-2015 - 23:59 | |
CVE-2015-3745 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 18:17 | 16-08-2015 - 23:59 | |
CVE-2015-3744 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 18:17 | 16-08-2015 - 23:59 | |
CVE-2015-3743 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 18:16 | 16-08-2015 - 23:59 | |
CVE-2015-3742 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 18:14 | 16-08-2015 - 23:59 | |
CVE-2015-3741 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 18:08 | 16-08-2015 - 23:59 | |
CVE-2015-3740 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 17:45 | 16-08-2015 - 23:59 | |
CVE-2015-3739 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 17:45 | 16-08-2015 - 23:59 | |
CVE-2015-3738 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 17:44 | 16-08-2015 - 23:59 | |
CVE-2015-3737 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 17:42 | 16-08-2015 - 23:59 | |
CVE-2015-3736 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 17:36 | 16-08-2015 - 23:59 | |
CVE-2015-3735 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 17:22 | 16-08-2015 - 23:59 | |
CVE-2015-3734 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 17:14 | 16-08-2015 - 23:59 | |
CVE-2015-3733 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 16:58 | 16-08-2015 - 23:59 | |
CVE-2015-3732 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 16:47 | 16-08-2015 - 23:59 | |
CVE-2015-3731 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 16:46 | 16-08-2015 - 23:59 | |
CVE-2015-3730 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
08-02-2019 - 16:41 | 16-08-2015 - 23:59 | |
CVE-2015-3729 | 4.3 |
Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not indicate what web site originated an input prompt, which allows remote attackers to conduct spoofing attacks via a crafted sit
|
08-02-2019 - 16:22 | 16-08-2015 - 23:59 | |
CVE-2015-3747 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
07-02-2019 - 20:17 | 16-08-2015 - 23:59 | |
CVE-2015-3751 | 5.0 |
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with
|
07-02-2019 - 19:52 | 16-08-2015 - 23:59 | |
CVE-2015-3752 | 5.0 |
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allow
|
07-02-2019 - 19:52 | 16-08-2015 - 23:59 | |
CVE-2015-3755 | 4.3 |
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.
|
07-02-2019 - 19:51 | 16-08-2015 - 23:59 | |
CVE-2015-3753 | 5.0 |
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly perform taint checking for CANVAS elements, which allows remote attackers to bypass the Same Origin Policy
|
07-02-2019 - 19:51 | 16-08-2015 - 23:59 | |
CVE-2015-3750 | 6.4 |
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not enforce the HTTP Strict Transport Security (HSTS) protection mechanism for Content Security Policy (CSP) report requ
|
07-02-2019 - 19:51 | 16-08-2015 - 23:59 | |
CVE-2015-3748 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
07-02-2019 - 19:47 | 16-08-2015 - 23:59 | |
CVE-2015-3749 | 6.8 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site
|
07-02-2019 - 19:45 | 16-08-2015 - 23:59 | |
CVE-2015-3796 | 7.5 |
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a differen
|
16-09-2017 - 01:29 | 17-08-2015 - 00:00 | |
CVE-2014-0191 | 4.3 |
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless
|
29-08-2017 - 01:34 | 21-01-2015 - 14:59 | |
CVE-2015-5773 | 6.8 |
QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted office document.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-5777 | 6.8 |
CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE
|
24-12-2016 - 02:59 | 17-08-2015 - 00:01 | |
CVE-2015-5766 | 5.0 |
Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-5775 | 7.5 |
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-380
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-5770 | 5.8 |
MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows attackers to replace arbitrary extensions via a crafted enterprise app.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3768 | 9.3 |
Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls.
|
24-12-2016 - 02:59 | 16-08-2015 - 23:59 | |
CVE-2015-3803 | 7.2 |
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3759 | 4.6 |
Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions on filesystem modification via a symlink.
|
24-12-2016 - 02:59 | 16-08-2015 - 23:59 | |
CVE-2015-5782 | 4.3 |
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:01 | |
CVE-2015-3778 | 3.3 |
bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic.
|
24-12-2016 - 02:59 | 16-08-2015 - 23:59 | |
CVE-2015-5761 | 6.8 |
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3797 | 7.5 |
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a differen
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3756 | 2.1 |
The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust relationships by completing a dialog.
|
24-12-2016 - 02:59 | 16-08-2015 - 23:59 | |
CVE-2015-5781 | 4.3 |
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:01 | |
CVE-2015-5769 | 7.1 |
The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to cause a denial of service (device crash) via a crafted video.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-5757 | 9.3 |
libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a crafted syscall to interfere with locking.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-5758 | 6.8 |
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-5756 | 6.8 |
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-380
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-5776 | 7.5 |
Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-5774 | 7.2 |
Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-5755 | 6.8 |
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3804 | 7.5 |
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-575
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3763 | 4.3 |
Safari in Apple iOS before 8.4.1 does not limit the rate of JavaScript alert messages, which allows remote attackers to cause a denial of service (apparent browser locking) via a crafted web site.
|
24-12-2016 - 02:59 | 16-08-2015 - 23:59 | |
CVE-2015-5759 | 5.0 |
WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clicks via a crafted web site that leverages tap events.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-5746 | 5.0 |
AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via an afc command that leverages symlink mishandling.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-5778 | 6.8 |
CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE
|
24-12-2016 - 02:59 | 17-08-2015 - 00:01 | |
CVE-2015-3784 | 5.0 |
Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (
|
24-12-2016 - 02:59 | 16-08-2015 - 23:59 | |
CVE-2015-5749 | 4.3 |
The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3802 | 7.2 |
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3776 | 9.3 |
IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist.
|
24-12-2016 - 02:59 | 16-08-2015 - 23:59 | |
CVE-2015-3758 | 4.3 |
UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL.
|
24-12-2016 - 02:59 | 16-08-2015 - 23:59 | |
CVE-2015-5752 | 5.0 |
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3806 | 7.2 |
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3793 | 4.3 |
CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3795 | 9.3 |
libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3805 | 7.2 |
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3798 | 7.5 |
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a differen
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3800 | 7.2 |
The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
|
24-12-2016 - 02:59 | 17-08-2015 - 00:00 | |
CVE-2015-3782 | 4.3 |
CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app.
|
24-12-2016 - 02:59 | 16-08-2015 - 23:59 | |
CVE-2015-3766 | 4.3 |
The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app.
|
24-12-2016 - 02:59 | 16-08-2015 - 23:59 | |
CVE-2014-3660 | 5.0 |
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing
|
08-12-2016 - 03:05 | 04-11-2014 - 16:55 |