Total
1632 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-1104 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-02-04 | 5.0 MEDIUM | N/A |
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly determine whether an IPv6 packet had a local origin, which allows remote attackers to bypass an intended network-filtering protection mechanism via a crafted packet. | |||||
CVE-2015-1124 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-04 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. | |||||
CVE-2015-1069 | 1 Apple | 5 Iphone Os, Itunes, Mac Os X and 2 more | 2024-02-04 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | |||||
CVE-2015-1076 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-04 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | |||||
CVE-2014-4470 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-04 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2015-1079 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-04 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | |||||
CVE-2015-1100 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-02-04 | 5.4 MEDIUM | N/A |
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app. | |||||
CVE-2015-1068 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-04 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | |||||
CVE-2014-4452 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-04 | 5.4 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462. | |||||
CVE-2014-4455 | 1 Apple | 2 Iphone Os, Tvos | 2024-02-04 | 2.1 LOW | N/A |
dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file. | |||||
CVE-2015-1101 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-02-04 | 6.9 MEDIUM | N/A |
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2015-1082 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-04 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | |||||
CVE-2015-1117 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-02-04 | 6.9 MEDIUM | N/A |
The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app. | |||||
CVE-2014-4480 | 1 Apple | 2 Iphone Os, Tvos | 2024-02-04 | 10.0 HIGH | N/A |
Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows attackers to access unintended filesystem locations by creating a symlink. | |||||
CVE-2014-4419 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-02-04 | 1.9 LOW | N/A |
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4420, and CVE-2014-4421. | |||||
CVE-2015-1120 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-04 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. | |||||
CVE-2014-1272 | 1 Apple | 2 Iphone Os, Tvos | 2024-02-04 | 6.3 MEDIUM | N/A |
CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to change arbitrary file permissions by leveraging a symlink. | |||||
CVE-2014-1368 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2024-02-04 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. | |||||
CVE-2014-4465 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2024-02-04 | 5.0 MEDIUM | N/A |
WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element. | |||||
CVE-2014-4405 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-02-04 | 9.3 HIGH | N/A |
IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties. |