Max CVSS 7.1 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-5766 5.0
Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5770 5.8
MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows attackers to replace arbitrary extensions via a crafted enterprise app.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3759 4.6
Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions on filesystem modification via a symlink.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3778 3.3
bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-3756 2.1
The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust relationships by completing a dialog.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-5769 7.1
The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to cause a denial of service (device crash) via a crafted video.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3763 4.3
Safari in Apple iOS before 8.4.1 does not limit the rate of JavaScript alert messages, which allows remote attackers to cause a denial of service (apparent browser locking) via a crafted web site.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-5759 5.0
WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clicks via a crafted web site that leverages tap events.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5746 5.0
AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via an afc command that leverages symlink mishandling.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-5749 4.3
The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3758 4.3
UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL.
24-12-2016 - 02:59 16-08-2015 - 23:59
CVE-2015-5752 5.0
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.
24-12-2016 - 02:59 17-08-2015 - 00:00
CVE-2015-3793 4.3
CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.
24-12-2016 - 02:59 17-08-2015 - 00:00
Back to Top Mark selected
Back to Top