VYPR

iOS

by Apple Inc.

CVEs (1,639)

  • CVE-2015-5756Aug 17, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.02

    FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5775.

  • CVE-2015-5755Aug 17, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.03

    CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.

  • CVE-2015-5752Aug 17, 2015
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.

  • CVE-2015-5749Aug 17, 2015
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.

  • CVE-2015-5746Aug 17, 2015
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via an afc command that leverages symlink mishandling.

  • CVE-2015-3806Aug 17, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file.

  • CVE-2015-3805Aug 17, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802.

  • CVE-2015-3804Aug 17, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.02

    FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775.

  • CVE-2015-3803Aug 17, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file.

  • CVE-2015-3802Aug 17, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805.

  • CVE-2015-3800Aug 17, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.

  • CVE-2015-3797Aug 17, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than…

  • CVE-2015-3795Aug 17, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.02

    libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message.

  • CVE-2015-3793Aug 17, 2015
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.

  • CVE-2015-3784Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

  • CVE-2015-3782Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app.

  • CVE-2015-3778Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.00

    bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic.

  • CVE-2015-3776Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist.

  • CVE-2015-3768Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls.

  • CVE-2015-3766Aug 16, 2015
    Apple Inc.
    Mac Os X
    risk 0.00cvss epss 0.01

    The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app.

Page 71 of 82