VYPR

Iphone OS

by Apple Inc.

CVEs (2,060)

  • CVE-2015-7079Dec 11, 2015
    risk 0.00cvss epss 0.03

    dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2015-7075Dec 11, 2015
    risk 0.00cvss epss 0.04

    CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.

  • CVE-2015-7074Dec 11, 2015
    risk 0.00cvss epss 0.03

    CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.

  • CVE-2015-7073Dec 11, 2015
    risk 0.00cvss epss 0.04

    Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake.

  • CVE-2015-7072Dec 11, 2015
    risk 0.00cvss epss 0.03

    dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2015-7070Dec 11, 2015
    risk 0.00cvss epss 0.02

    Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability than CVE-2015-7069.

  • CVE-2015-7069Dec 11, 2015
    risk 0.00cvss epss 0.02

    Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability than CVE-2015-7070.

  • CVE-2015-7066Dec 11, 2015
    risk 0.00cvss epss 0.03

    OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7064.

  • CVE-2015-7065Dec 11, 2015
    risk 0.00cvss epss 0.02

    OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

  • CVE-2015-7064Dec 11, 2015
    risk 0.00cvss epss 0.03

    OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7066.

  • CVE-2015-7062Dec 11, 2015
    risk 0.00cvss epss 0.00

    Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors.

  • CVE-2015-7058Dec 11, 2015
    risk 0.00cvss epss 0.01

    Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app.

  • CVE-2015-7055Dec 11, 2015
    risk 0.00cvss epss 0.02

    AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 does not prevent changes to access-control structures, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2015-7054Dec 11, 2015
    risk 0.00cvss epss 0.03

    zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site.

  • CVE-2015-7053Dec 11, 2015
    risk 0.00cvss epss 0.04

    ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.

  • CVE-2015-7051Dec 11, 2015
    risk 0.00cvss epss 0.03

    MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2015-7050Dec 11, 2015
    risk 0.00cvss epss 0.02

    WebKit in Apple iOS before 9.2 and Safari before 9.0.2 misparses content extensions, which allows remote attackers to obtain sensitive browsing-history information via a crafted web site.

  • CVE-2015-7048Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096,…

  • CVE-2015-7046Dec 11, 2015
    risk 0.00cvss epss 0.02

    The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges.

  • CVE-2015-7043Dec 11, 2015
    risk 0.00cvss epss 0.02

    The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042.

Page 61 of 103