iOS

CVEs (2,979)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2015-7018	Apple Inc. iOS	—	0.03	Oct 23, 2015	FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-7015	Apple Inc. watchOS	—	0.03	Oct 23, 2015	Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client.
CVE-2015-7014	Apple Inc. Safari	—	0.03	Oct 23, 2015	WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…
CVE-2015-7012	Apple Inc. Safari	—	0.02	Oct 23, 2015	WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…
CVE-2015-7010	Apple Inc. iOS	—	0.03	Oct 23, 2015	FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-7009	Apple Inc. iOS	—	0.03	Oct 23, 2015	FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-7008	Apple Inc. iOS	—	0.03	Oct 23, 2015	FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-7006	Apple Inc. watchOS	—	0.04	Oct 23, 2015	Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.
CVE-2015-7002	Apple Inc. Safari	—	0.03	Oct 23, 2015	WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…
CVE-2015-6994	Apple Inc. iOS	—	0.02	Oct 23, 2015	The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app.
CVE-2015-6993	Apple Inc. iOS	—	0.03	Oct 23, 2015	FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-6991	Apple Inc. iOS	—	0.03	Oct 23, 2015	FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-6990	Apple Inc. iOS	—	0.03	Oct 23, 2015	FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6991,…
CVE-2015-6989	Apple Inc. watchOS	—	0.02	Oct 23, 2015	Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls.
CVE-2015-6983	Apple Inc. iOS	—	0.02	Oct 23, 2015	Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors.
CVE-2015-6978	Apple Inc. iOS	—	0.05	Oct 23, 2015	FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991,…
CVE-2015-6977	Apple Inc. iOS	—	0.03	Oct 23, 2015	FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,…
CVE-2015-6976	Apple Inc. iOS	—	0.03	Oct 23, 2015	FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,…
CVE-2015-6974	Apple Inc. watchOS	—	0.03	Oct 23, 2015	IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2015-5942	Apple Inc. watchOS	—	0.03	Oct 23, 2015	FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927.

CVE-2015-7018Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-7015Oct 23, 2015
Apple Inc.
watchOS
risk 0.00cvss —epss 0.03
Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client.
CVE-2015-7014Oct 23, 2015
Apple Inc.
Safari
risk 0.00cvss —epss 0.03
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…
CVE-2015-7012Oct 23, 2015
Apple Inc.
Safari
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…
CVE-2015-7010Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-7009Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-7008Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-7006Oct 23, 2015
Apple Inc.
watchOS
risk 0.00cvss —epss 0.04
Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.
CVE-2015-7002Oct 23, 2015
Apple Inc.
Safari
risk 0.00cvss —epss 0.03
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…
CVE-2015-6994Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.02
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app.
CVE-2015-6993Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-6991Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990,…
CVE-2015-6990Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6991,…
CVE-2015-6989Oct 23, 2015
Apple Inc.
watchOS
risk 0.00cvss —epss 0.02
Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls.
CVE-2015-6983Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.02
Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors.
CVE-2015-6978Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.05
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6990, CVE-2015-6991,…
CVE-2015-6977Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,…
CVE-2015-6976Oct 23, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991,…
CVE-2015-6974Oct 23, 2015
Apple Inc.
watchOS
risk 0.00cvss —epss 0.03
IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2015-5942Oct 23, 2015
Apple Inc.
watchOS
risk 0.00cvss —epss 0.03
FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-5927.

Page 121 of 149