|
2791
|
-
4.3
|
MEDIUM
|
The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it eas…
|
CWE-254
7PK - Security Features
|
CVE-2015-6997
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.0.2
|
|
|
2024-11-21 11:36
2015-10-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2792
|
-
7.5
|
HIGH
|
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font f…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6992
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.0.2
|
|
|
2024-11-21 11:36
2015-10-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2793
|
-
9.3
|
HIGH
|
com.apple.driver.AppleVXD393 in the Graphics Driver subsystem in Apple iOS before 9.1 allows attackers to execute arbitrary code via a crafted app that leverages an unspecified "type confusion."
|
NVD-CWE-Other
|
CVE-2015-6986
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.0.2
|
|
|
2024-11-21 11:35
2015-10-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2794
|
-
6.8
|
MEDIUM
|
WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different v…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6982
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.0.2
|
|
|
2024-11-21 11:35
2015-10-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2795
|
-
6.8
|
MEDIUM
|
WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different v…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6981
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.0.2
|
|
|
2024-11-21 11:35
2015-10-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2796
|
-
9.3
|
HIGH
|
GasGauge in Apple iOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6979
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.0.2
|
|
|
2024-11-21 11:35
2015-10-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2797
|
-
7.5
|
HIGH
|
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font f…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6975
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.0.2
|
|
|
2024-11-21 11:35
2015-10-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2798
|
-
2.1
|
LOW
|
Apple iOS before 9.0.2 does not properly restrict the options available on the lock screen, which allows physically proximate attackers to read contact data or view photos via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-5923
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.0.1
|
|
|
2024-11-21 11:34
2015-10-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2799
|
-
4.3
|
MEDIUM
|
WebKit in Apple iOS before 9 mishandles "Content-Disposition: attachment" HTTP headers, which might allow man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-5921
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2800
|
-
4.3
|
MEDIUM
|
The Apple Pay component in Apple iOS before 9 allows remote terminals to obtain sensitive recent-transaction information during payments by leveraging the transaction-log feature.
|
CWE-200
Information Exposure
|
CVE-2015-5916
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|