|
2931
|
-
2.1
|
LOW
|
The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust…
|
CWE-254
7PK - Security Features
|
CVE-2015-3756
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4
|
|
|
2024-11-21 11:29
2015-08-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2932
|
-
4.3
|
MEDIUM
|
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.
|
CWE-254
7PK - Security Features
|
CVE-2015-3755
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
8.4.1
|
2024-11-21 11:29
2015-08-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2933
|
-
5.0
|
MEDIUM
|
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly perform taint checking for CANVAS elements, which allows…
|
CWE-200
Information Exposure
|
CVE-2015-3753
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
8.4.1
|
2024-11-21 11:29
2015-08-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2934
|
-
5.0
|
MEDIUM
|
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict c…
|
CWE-200
Information Exposure
|
CVE-2015-3752
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
8.4.1
|
2024-11-21 11:29
2015-08-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2935
|
-
5.0
|
MEDIUM
|
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mec…
|
CWE-254
7PK - Security Features
|
CVE-2015-3751
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
8.4.1
|
2024-11-21 11:29
2015-08-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2936
|
-
6.4
|
MEDIUM
|
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not enforce the HTTP Strict Transport Security (HSTS) protection mech…
|
CWE-254
7PK - Security Features
|
CVE-2015-3750
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4
|
|
8.4.1
|
2024-11-21 11:29
2015-08-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2937
|
-
6.8
|
MEDIUM
|
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3749
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
8.4.1
|
2024-11-21 11:29
2015-08-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2938
|
-
6.8
|
MEDIUM
|
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3748
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
8.4.1
|
2024-11-21 11:29
2015-08-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2939
|
-
6.8
|
MEDIUM
|
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3747
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
8.4.1
|
2024-11-21 11:29
2015-08-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2940
|
-
6.8
|
MEDIUM
|
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3746
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
8.4.1
|
2024-11-21 11:29
2015-08-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|