Iphone Os

iphone_os

Vendor: Apple • 4,015 CVEs

CVEs (4,015)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-3805 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 17, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802.
CVE-2015-3804 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 17, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different v...Show more FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775.Show less
CVE-2015-3803 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 17, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file.
CVE-2015-3802 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 17, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805.
CVE-2015-3800 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 17, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
CVE-2015-3798 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 17, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3797.Show less
CVE-2015-3797 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 17, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3798.Show less
CVE-2015-3796 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 17, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and CVE-2015-3798.Show less
CVE-2015-3795 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 17, 2015 N/A· v4 N/A· v3 9.3 HIGH· v2 libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC me...Show more libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message.Show less
CVE-2015-3793 1Apple 1Iphone Os May 6, 2026 Aug 17, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.
CVE-2015-3784 1Apple 6Iphone Os IworkKeynote+3 more May 6, 2026 Aug 16, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, relat...Show more Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.Show less
CVE-2015-3782 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 16, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app.
CVE-2015-3778 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 16, 2015 N/A· v4 N/A· v3 3.3 LOW· v2 bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broa...Show more bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic.Show less
CVE-2015-3776 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 16, 2015 N/A· v4 N/A· v3 9.3 HIGH· v2 IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist.
CVE-2015-3768 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 16, 2015 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls.
CVE-2015-3766 1Apple 2Iphone Os Mac Os X May 6, 2026 Aug 16, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app.
CVE-2015-3763 1Apple 1Iphone Os May 6, 2026 Aug 16, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Safari in Apple iOS before 8.4.1 does not limit the rate of JavaScript alert messages, which allows remote attackers to cause a denial of service (apparent browser locking) via a crafted web site.
CVE-2015-3759 1Apple 1Iphone Os May 6, 2026 Aug 16, 2015 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions on filesystem modification via a symlink.
CVE-2015-3758 1Apple 1Iphone Os May 6, 2026 Aug 16, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL.
CVE-2015-3756 1Apple 1Iphone Os May 6, 2026 Aug 16, 2015 N/A· v4 N/A· v3 2.1 LOW· v2 The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust relationships by com...Show more The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust relationships by completing a dialog.Show less

Previous 1...165166167...201 Next