VYPR

watchOS

by Apple Inc.

CVEs (1,578)

  • CVE-2015-5312Dec 15, 2015
    risk 0.00cvss epss 0.05

    The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.

  • CVE-2015-7113Dec 11, 2015
    risk 0.00cvss epss 0.03

    The LaunchServices component in Apple iOS before 9.2 and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a malformed plist.

  • CVE-2015-7111Dec 11, 2015
    risk 0.00cvss epss 0.03

    The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than…

  • CVE-2015-7105Dec 11, 2015
    risk 0.00cvss epss 0.04

    CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

  • CVE-2015-7075Dec 11, 2015
    risk 0.00cvss epss 0.04

    CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.

  • CVE-2015-7073Dec 11, 2015
    risk 0.00cvss epss 0.04

    Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake.

  • CVE-2015-7072Dec 11, 2015
    risk 0.00cvss epss 0.03

    dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2015-7066Dec 11, 2015
    risk 0.00cvss epss 0.03

    OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7064.

  • CVE-2015-7064Dec 11, 2015
    risk 0.00cvss epss 0.03

    OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7066.

  • CVE-2015-7061Dec 11, 2015
    risk 0.00cvss epss 0.02

    The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060.

  • CVE-2015-7060Dec 11, 2015
    risk 0.00cvss epss 0.02

    The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7061.

  • CVE-2015-7059Dec 11, 2015
    risk 0.00cvss epss 0.02

    The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061.

  • CVE-2015-7054Dec 11, 2015
    risk 0.00cvss epss 0.03

    zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site.

  • CVE-2015-7053Dec 11, 2015
    risk 0.00cvss epss 0.04

    ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.

  • CVE-2015-7046Dec 11, 2015
    risk 0.00cvss epss 0.02

    The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges.

  • CVE-2015-7043Dec 11, 2015
    risk 0.00cvss epss 0.02

    The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042.

  • CVE-2015-7042Dec 11, 2015
    risk 0.00cvss epss 0.02

    The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043.

  • CVE-2015-7041Dec 11, 2015
    risk 0.00cvss epss 0.02

    The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043.

  • CVE-2015-7040Dec 11, 2015
    risk 0.00cvss epss 0.02

    The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043.

  • CVE-2015-7038Dec 11, 2015
    risk 0.00cvss epss 0.04

    Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039.

Page 76 of 79