iOS

CVEs (1,284)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2015-5812	Apple Inc. iTunes	—	0.02	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5806	Apple Inc. iTunes	—	0.02	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5805	Apple Inc. iTunes	—	0.01	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5804	Apple Inc. iTunes	—	0.01	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5803	Apple Inc. iTunes	—	0.02	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5802	Apple Inc. iTunes	—	0.02	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5801	Apple Inc. iTunes	—	0.01	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5800	Apple Inc. iTunes	—	0.02	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5799	Apple Inc. iTunes	—	0.02	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5797	Apple Inc. iTunes	—	0.02	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5796	Apple Inc. iTunes	—	0.02	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5795	Apple Inc. iTunes	—	0.02	Sep 18, 2015	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5788	Apple Inc. iOS	—	0.01	Sep 18, 2015	The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element.
CVE-2014-8611	FreeBSD FreeBSD	—	0.00	Sep 18, 2015	The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via…
CVE-2015-5782	Apple Inc. Mac Os X	—	0.01	Aug 17, 2015	ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.
CVE-2015-5775	Apple Inc. Mac Os X	—	0.02	Aug 17, 2015	FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.
CVE-2015-5774	Apple Inc. Mac Os X	—	0.00	Aug 17, 2015	Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.
CVE-2015-5770	Apple Inc. Iphone Os	—	0.00	Aug 17, 2015	MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows attackers to replace arbitrary extensions via a crafted enterprise app.
CVE-2015-5769	Apple Inc. Iphone Os	—	0.01	Aug 17, 2015	The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to cause a denial of service (device crash) via a crafted video.
CVE-2015-5766	Apple Inc. Iphone Os	—	0.00	Aug 17, 2015	Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling.

CVE-2015-5812Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5806Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5805Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.01
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5804Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.01
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5803Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5802Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5801Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.01
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5800Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5799Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5797Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5796Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5795Sep 18, 2015
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2015-5788Sep 18, 2015
Apple Inc.
iOS
risk 0.00cvss —epss 0.01
The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element.
CVE-2014-8611Sep 18, 2015
FreeBSD
FreeBSD
risk 0.00cvss —epss 0.00
The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via…
CVE-2015-5782Aug 17, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.
CVE-2015-5775Aug 17, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.02
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.
CVE-2015-5774Aug 17, 2015
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges via unspecified vectors.
CVE-2015-5770Aug 17, 2015
Apple Inc.
Iphone Os
risk 0.00cvss —epss 0.00
MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows attackers to replace arbitrary extensions via a crafted enterprise app.
CVE-2015-5769Aug 17, 2015
Apple Inc.
Iphone Os
risk 0.00cvss —epss 0.01
The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to cause a denial of service (device crash) via a crafted video.
CVE-2015-5766Aug 17, 2015
Apple Inc.
Iphone Os
risk 0.00cvss —epss 0.00
Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling.

Page 59 of 65