VYPR

Iphone OS

by Apple Inc.

CVEs (2,060)

  • CVE-2015-8242Dec 15, 2015
    risk 0.00cvss epss 0.04

    The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.

  • CVE-2015-7500Dec 15, 2015
    risk 0.00cvss epss 0.06

    The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.

  • CVE-2015-5312Dec 15, 2015
    risk 0.00cvss epss 0.05

    The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.

  • CVE-2015-7113Dec 11, 2015
    risk 0.00cvss epss 0.03

    The LaunchServices component in Apple iOS before 9.2 and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a malformed plist.

  • CVE-2015-7111Dec 11, 2015
    risk 0.00cvss epss 0.03

    The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than…

  • CVE-2015-7109Dec 11, 2015
    risk 0.00cvss epss 0.02

    IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2015-7107Dec 11, 2015
    risk 0.00cvss epss 0.03

    QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.

  • CVE-2015-7105Dec 11, 2015
    risk 0.00cvss epss 0.04

    CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

  • CVE-2015-7103Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095,…

  • CVE-2015-7102Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095,…

  • CVE-2015-7101Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095,…

  • CVE-2015-7100Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095,…

  • CVE-2015-7099Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095,…

  • CVE-2015-7098Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095,…

  • CVE-2015-7097Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095,…

  • CVE-2015-7096Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095,…

  • CVE-2015-7095Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7096,…

  • CVE-2015-7094Dec 11, 2015
    risk 0.00cvss epss 0.01

    CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL.

  • CVE-2015-7081Dec 11, 2015
    risk 0.00cvss epss 0.02

    iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

  • CVE-2015-7080Dec 11, 2015
    risk 0.00cvss epss 0.00

    Siri in Apple iOS before 9.2 allows physically proximate attackers to bypass an intended client-side protection mechanism and obtain sensitive content-notification information by listening to a device in the lock-screen state.

Page 60 of 103