|
2801
|
-
5.0
|
MEDIUM
|
The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger TCP connection attempts to intranet hosts via crafted responses.
|
CWE-17
Code
|
CVE-2015-5912
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2802
|
-
2.6
|
LOW
|
WebKit in Apple iOS before 9 allows man-in-the-middle attackers to conduct redirection attacks by leveraging the mishandling of the resource cache of an SSL web site with an invalid X.509 certificate.
|
CWE-310
Cryptographic Issues
|
CVE-2015-5907
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2803
|
-
5.0
|
MEDIUM
|
The HTML form implementation in WebKit in Apple iOS before 9 does not prevent QuickType access to the final character of a password, which might make it easier for remote attackers to discover a pass…
|
CWE-200
Information Exposure
|
CVE-2015-5906
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2804
|
-
5.0
|
MEDIUM
|
Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted window opener on a web site.
|
CWE-254
7PK - Security Features
|
CVE-2015-5905
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2805
|
-
4.3
|
MEDIUM
|
Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted web site.
|
CWE-254
7PK - Security Features
|
CVE-2015-5904
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2806
|
-
10.0
|
HIGH
|
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5903
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2807
|
-
7.2
|
HIGH
|
libpthread in the kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5899
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2808
|
-
2.1
|
LOW
|
CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.
|
CWE-200
Information Exposure
|
CVE-2015-5898
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2809
|
-
7.2
|
HIGH
|
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5896
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2810
|
-
2.1
|
LOW
|
Siri in Apple iOS before 9 allows physically proximate attackers to bypass an intended client-side protection mechanism and obtain sensitive content-notification information by listening to a device …
|
CWE-200
Information Exposure
|
CVE-2015-5892
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|