|
2961
|
-
6.8
|
MEDIUM
|
WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3727
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.3
|
|
|
2024-11-21 11:29
2015-07-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2962
|
-
4.6
|
MEDIUM
|
The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card.
|
CWE-20
Improper Input Validation
|
CVE-2015-3726
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.3
|
|
|
2024-11-21 11:29
2015-07-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2963
|
-
4.3
|
MEDIUM
|
MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service (ID collision and Watch launch outage) via a crafted…
|
CWE-399
Resource Management Errors
|
CVE-2015-3725
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.3
|
|
|
2024-11-21 11:29
2015-07-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2964
|
-
6.8
|
MEDIUM
|
CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulner…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3724
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.3
|
|
|
2024-11-21 11:29
2015-07-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2965
|
-
6.8
|
MEDIUM
|
CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulner…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3723
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.3
|
|
|
2024-11-21 11:29
2015-07-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2966
|
-
4.3
|
MEDIUM
|
Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service (ID collision and launch outage) via a crafted universal pr…
|
CWE-254
7PK - Security Features
|
CVE-2015-3722
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.3
|
|
|
2024-11-21 11:29
2015-07-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2967
|
-
4.3
|
MEDIUM
|
The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.
|
CWE-200
Information Exposure
|
CVE-2015-3721
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.3
|
|
|
2024-11-21 11:29
2015-07-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2968
|
-
6.8
|
MEDIUM
|
TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3719
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.3
|
|
|
2024-11-21 11:29
2015-07-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2969
|
-
7.5
|
HIGH
|
Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service…
|
CWE-120
Classic Buffer Overflow
|
CVE-2015-3717
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
8.4
|
2024-11-21 11:29
2015-07-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2970
|
-
4.3
|
MEDIUM
|
Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
|
CWE-254
7PK - Security Features
|
CVE-2015-3710
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.3
|
|
|
2024-11-21 11:29
2015-07-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|