Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-6988 10.0
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement.
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6991 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6981 6.8
WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-7005 6.8
WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-7009 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-7006 6.8
Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6995 6.8
The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-7012 6.8
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-7022 4.3
The Telephony subsystem in Apple iOS before 9.1 allows attackers to obtain sensitive call-status information via a crafted app.
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-6992 7.5
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 a
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-7008 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6994 7.1
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app.
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6986 9.3
com.apple.driver.AppleVXD393 in the Graphics Driver subsystem in Apple iOS before 9.1 allows attackers to execute arbitrary code via a crafted app that leverages an unspecified "type confusion." <a href="http://cwe.mitre.org/data/definitions/843.html
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-7002 6.8
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-7000 2.1
Notification Center in Apple iOS before 9.1 mishandles changes to "Show on Lock Screen" settings, which allows physically proximate attackers to obtain sensitive information by looking for a (1) Phone or (2) Messages notification on the lock screen s
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-6975 7.5
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6992 a
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-6976 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-20
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6974 9.3
IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6993 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6978 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-7018 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6997 4.3
The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoi
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-7014 6.8
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-7004 7.1
The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a crafted app.
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-6999 5.0
The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate.
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-6989 6.8
Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls.
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6983 8.8
Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors. <a href="http://cwe.mitre.org/data/definitions/415.html">CWE-415: D
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6977 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6978, CVE-20
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5940 6.8
The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (mem
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-7017 7.5
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 a
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-7010 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6990 6.8
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-20
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6996 6.8
IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6979 9.3
GasGauge in Apple iOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-5937 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5927 6.8
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5942
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-6982 6.8
WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE
24-12-2016 - 02:59 23-10-2015 - 10:59
CVE-2015-7015 6.8
Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client.
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-7023 5.8
CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors.
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5935 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5925 6.8
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability tha
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5929 6.8
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5942 6.8
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5928 6.8
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5924 6.8
The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5939 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5926 6.8
The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability tha
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5936 6.8
ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-201
24-12-2016 - 02:59 23-10-2015 - 21:59
CVE-2015-5930 6.8
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne
24-12-2016 - 02:59 23-10-2015 - 21:59
Back to Top Mark selected
Back to Top