Filtered by vendor Apple
Subscribe
Total
12581 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-5821 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2016-12-22 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | |||||
| CVE-2015-5907 | 1 Apple | 1 Iphone Os | 2016-12-22 | 2.6 LOW | N/A |
| WebKit in Apple iOS before 9 allows man-in-the-middle attackers to conduct redirection attacks by leveraging the mishandling of the resource cache of an SSL web site with an invalid X.509 certificate. | |||||
| CVE-2015-5794 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2016-12-22 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | |||||
| CVE-2015-5832 | 1 Apple | 1 Iphone Os | 2016-12-22 | 2.1 LOW | N/A |
| The iTunes Store component in Apple iOS before 9 does not properly delete AppleID credentials from the keychain upon a signout action, which might allow physically proximate attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2015-5804 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2016-12-22 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | |||||
| CVE-2015-5803 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2016-12-22 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | |||||
| CVE-2015-5823 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2016-12-22 | 6.8 MEDIUM | N/A |
| WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | |||||
| CVE-2015-5835 | 1 Apple | 1 Iphone Os | 2016-12-22 | 4.3 MEDIUM | N/A |
| Apple iOS before 9 allows attackers to obtain sensitive information about inter-app communication via a crafted app that conducts an interception attack involving an unspecified URL scheme. | |||||
| CVE-2015-5848 | 1 Apple | 2 Iphone Os, Watchos | 2016-12-22 | 7.2 HIGH | N/A |
| IOAcceleratorFamily in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2015-5808 | 1 Apple | 2 Itunes, Safari | 2016-12-22 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3. | |||||
| CVE-2015-5765 | 1 Apple | 2 Iphone Os, Safari | 2016-12-22 | 4.3 MEDIUM | N/A |
| The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspecified vectors, a different vulnerability than CVE-2015-5764 and CVE-2015-5767. | |||||
| CVE-2015-5841 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2016-12-22 | 5.0 MEDIUM | N/A |
| The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header within a response to an HTTP CONNECT request, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response. | |||||
| CVE-2015-5792 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2016-12-22 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | |||||
| CVE-2015-5857 | 1 Apple | 1 Iphone Os | 2016-12-22 | 5.0 MEDIUM | N/A |
| Mail in Apple iOS before 9 allows remote attackers to use an address-book contact as a spoofed e-mail sender address via unspecified vectors. | |||||
| CVE-2015-5843 | 1 Apple | 2 Iphone Os, Watchos | 2016-12-22 | 7.2 HIGH | N/A |
| IOMobileFrameBuffer in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2015-5860 | 1 Apple | 2 Iphone Os, Watchos | 2016-12-22 | 5.0 MEDIUM | N/A |
| The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site. | |||||
| CVE-2015-5814 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2016-12-22 | 6.8 MEDIUM | N/A |
| WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | |||||
| CVE-2015-5855 | 1 Apple | 2 Iphone Os, Watchos | 2016-12-22 | 4.3 MEDIUM | N/A |
| Apple iOS before 9 allows attackers to discover the e-mail address of a player via a crafted Game Center app. | |||||
| CVE-2015-5892 | 1 Apple | 1 Iphone Os | 2016-12-22 | 2.1 LOW | N/A |
| Siri in Apple iOS before 9 allows physically proximate attackers to bypass an intended client-side protection mechanism and obtain sensitive content-notification information by listening to a device in the lock-screen state. | |||||
| CVE-2015-5838 | 1 Apple | 1 Iphone Os | 2016-12-22 | 4.3 MEDIUM | N/A |
| SpringBoard in Apple iOS before 9 does not properly restrict access to privileged API calls, which allows attackers to spoof the dialog windows of an arbitrary app via a crafted app. | |||||