VYPR

iOS

by Apple Inc.

CVEs (2,979)

  • CVE-2015-5766Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling.

  • CVE-2015-5761Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.03

    CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.

  • CVE-2015-5759Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clicks via a crafted web site that leverages tap events.

  • CVE-2015-5758Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.03

    ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.

  • CVE-2015-5757Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a crafted syscall to interfere with locking.

  • CVE-2015-5756Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.02

    FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5775.

  • CVE-2015-5755Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.03

    CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.

  • CVE-2015-5752Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.

  • CVE-2015-5749Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.

  • CVE-2015-5746Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via an afc command that leverages symlink mishandling.

  • CVE-2015-3806Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file.

  • CVE-2015-3805Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802.

  • CVE-2015-3804Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.02

    FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775.

  • CVE-2015-3803Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file.

  • CVE-2015-3802Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805.

  • CVE-2015-3800Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.

  • CVE-2015-3797Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than…

  • CVE-2015-3795Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.02

    libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message.

  • CVE-2015-3793Aug 17, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.

  • CVE-2015-3784Aug 16, 2015
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Page 128 of 149