| Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-7022 | 4.3 |
The Telephony subsystem in Apple iOS before 9.1 allows attackers to obtain sensitive call-status information via a crafted app.
|
24-12-2016 - 02:59 | 23-10-2015 - 10:59 | |
| CVE-2015-6986 | 9.3 |
com.apple.driver.AppleVXD393 in the Graphics Driver subsystem in Apple iOS before 9.1 allows attackers to execute arbitrary code via a crafted app that leverages an unspecified "type confusion." <a href="http://cwe.mitre.org/data/definitions/843.html
|
24-12-2016 - 02:59 | 23-10-2015 - 10:59 | |
| CVE-2015-7000 | 2.1 |
Notification Center in Apple iOS before 9.1 mishandles changes to "Show on Lock Screen" settings, which allows physically proximate attackers to obtain sensitive information by looking for a (1) Phone or (2) Messages notification on the lock screen s
|
24-12-2016 - 02:59 | 23-10-2015 - 10:59 | |
| CVE-2015-6997 | 4.3 |
The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoi
|
24-12-2016 - 02:59 | 23-10-2015 - 10:59 | |
| CVE-2015-7004 | 7.1 |
The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a crafted app.
|
24-12-2016 - 02:59 | 23-10-2015 - 10:59 | |
| CVE-2015-6999 | 5.0 |
The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate.
|
24-12-2016 - 02:59 | 23-10-2015 - 10:59 | |
| CVE-2015-6979 | 9.3 |
GasGauge in Apple iOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
|
24-12-2016 - 02:59 | 23-10-2015 - 10:59 |