|
269551
|
- |
|
apple
|
iphone_os
|
The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a crafted app.
|
CWE-20
Improper Input Validation
|
CVE-2015-7004
|
2024-11-21 11:36 |
2015-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269552
|
- |
|
apple
|
iphone_os
|
Notification Center in Apple iOS before 9.1 mishandles changes to "Show on Lock Screen" settings, which allows physically proximate attackers to obtain sensitive information by looking for a (1) Phon…
|
CWE-200
Information Exposure
|
CVE-2015-7000
|
2024-11-21 11:36 |
2015-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269553
|
- |
|
apple
|
iphone_os
|
The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate.
|
CWE-254
7PK - Security Features
|
CVE-2015-6999
|
2024-11-21 11:36 |
2015-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269554
|
- |
|
apple
|
iphone_os
watchos
|
The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it eas…
|
CWE-254
7PK - Security Features
|
CVE-2015-6997
|
2024-11-21 11:36 |
2015-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269555
|
- |
|
apple
|
mac_os_x
iphone_os
itunes
|
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font f…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6992
|
2024-11-21 11:36 |
2015-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269556
|
- |
|
nintex
|
k2_blackpearl
k2_for_sharepoint
k2_smartforms
|
SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 blackpearl, smartforms, and K2 for SharePoint 4.6.7 allows remote attackers to execute arbitrary SQL commands via the xml parameter.
|
CWE-89
SQL Injection
|
CVE-2015-7299
|
2024-11-21 11:36 |
2015-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269557
|
- |
|
apple
|
iwork
pages
|
The Apple iWork application before 2.6 for iOS and Apple Pages before 5.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7034
|
2024-11-21 11:36 |
2015-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269558
|
- |
|
apple
|
numbers
pages
keynote
iwork
|
The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to execute arbitrary code or cause a denial of se…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7033
|
2024-11-21 11:36 |
2015-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269559
|
- |
|
apple
|
numbers
iwork
pages
keynote
|
The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to obtain sensitive information via a crafted doc…
|
CWE-200
Information Exposure
|
CVE-2015-7032
|
2024-11-21 11:36 |
2015-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269560
|
- |
|
mozilla
|
firefox
|
The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin re…
|
CWE-284
Improper Access Control
|
CVE-2015-7184
|
2024-11-21 11:36 |
2015-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
