Total
3723 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-3806 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 7.2 HIGH | N/A |
| Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file. | |||||
| CVE-2015-3805 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 7.2 HIGH | N/A |
| Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802. | |||||
| CVE-2015-3804 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 7.5 HIGH | N/A |
| FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775. | |||||
| CVE-2015-3803 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 7.2 HIGH | N/A |
| Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file. | |||||
| CVE-2015-3802 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 7.2 HIGH | N/A |
| Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805. | |||||
| CVE-2015-3801 | 1 Apple | 2 Iphone Os, Safari | 2024-11-21 | 5.0 MEDIUM | N/A |
| The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors. | |||||
| CVE-2015-3800 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 7.2 HIGH | N/A |
| The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image. | |||||
| CVE-2015-3798 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 7.5 HIGH | N/A |
| The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3797. | |||||
| CVE-2015-3797 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 7.5 HIGH | N/A |
| The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3798. | |||||
| CVE-2015-3796 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 7.5 HIGH | N/A |
| The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and CVE-2015-3798. | |||||
| CVE-2015-3795 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 9.3 HIGH | N/A |
| libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message. | |||||
| CVE-2015-3793 | 1 Apple | 1 Iphone Os | 2024-11-21 | 4.3 MEDIUM | N/A |
| CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app. | |||||
| CVE-2015-3784 | 1 Apple | 6 Iphone Os, Iwork, Keynote and 3 more | 2024-11-21 | 5.0 MEDIUM | N/A |
| Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
| CVE-2015-3782 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 4.3 MEDIUM | N/A |
| CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app. | |||||
| CVE-2015-3778 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 3.3 LOW | N/A |
| bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic. | |||||
| CVE-2015-3776 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 9.3 HIGH | N/A |
| IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist. | |||||
| CVE-2015-3768 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 9.3 HIGH | N/A |
| Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls. | |||||
| CVE-2015-3766 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 4.3 MEDIUM | N/A |
| The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app. | |||||
| CVE-2015-3763 | 1 Apple | 1 Iphone Os | 2024-11-21 | 4.3 MEDIUM | N/A |
| Safari in Apple iOS before 8.4.1 does not limit the rate of JavaScript alert messages, which allows remote attackers to cause a denial of service (apparent browser locking) via a crafted web site. | |||||
| CVE-2015-3759 | 1 Apple | 1 Iphone Os | 2024-11-21 | 4.6 MEDIUM | N/A |
| Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions on filesystem modification via a symlink. | |||||