Search Results (4420 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-5876 1 Apple 3 Iphone Os, Mac Os X, Watchos 2025-04-12 N/A
dyld in Dev Tools in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2014-1280 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
Video Driver in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to cause a denial of service (NULL pointer dereference and device hang) via a crafted video file with MPEG-4 encoding.
CVE-2015-5874 1 Apple 4 Iphone Os, Itunes, Mac Os X and 1 more 2025-04-12 N/A
CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
CVE-2015-5869 1 Apple 3 Iphone Os, Mac Os X, Watchos 2025-04-12 N/A
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.
CVE-2014-1278 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
The ptmx_get_ioctl function in the ARM kernel in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access and device crash) via a crafted call.
CVE-2015-5868 1 Apple 3 Iphone Os, Mac Os X, Watchos 2025-04-12 N/A
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5896 and CVE-2015-5903.
CVE-2015-5867 1 Apple 2 Iphone Os, Watchos 2025-04-12 N/A
IOHIDFamily in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2014-1276 1 Apple 1 Iphone Os 2025-04-12 N/A
IOKit HID Event in Apple iOS before 7.1 allows attackers to conduct user-action monitoring attacks against arbitrary apps via a crafted app that accesses an IOKit framework interface.
CVE-2015-5863 1 Apple 3 Iphone Os, Mac Os X, Watchos 2025-04-12 N/A
IOStorageFamily in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive information from kernel memory via unknown vectors.
CVE-2015-5862 1 Apple 3 Iphone Os, Mac Os X, Watchos 2025-04-12 N/A
The Audio component in Apple iOS before 9 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted audio file.
CVE-2014-1275 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
Buffer overflow in ImageIO in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document.
CVE-2015-5861 1 Apple 1 Iphone Os 2025-04-12 N/A
SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen preview-disabled setting, and reply to an audio message, via unspecified vectors.
CVE-2015-5860 1 Apple 2 Iphone Os, Watchos 2025-04-12 N/A
The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site.
CVE-2014-1274 1 Apple 1 Iphone Os 2025-04-12 N/A
FaceTime in Apple iOS before 7.1 allows physically proximate attackers to obtain sensitive FaceTime contact information by using the lock screen for an invalid FaceTime call.
CVE-2015-5859 1 Apple 2 Iphone Os, Mac Os X 2025-04-12 N/A
The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
CVE-2015-5858 1 Apple 2 Iphone Os, Watchos 2025-04-12 N/A
The CFNetwork HTTPProtocol component in Apple iOS before 9 allows remote attackers to bypass the HSTS protection mechanism, and consequently obtain sensitive information, via a crafted URL.
CVE-2014-1273 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library.
CVE-2015-5857 1 Apple 1 Iphone Os 2025-04-12 N/A
Mail in Apple iOS before 9 allows remote attackers to use an address-book contact as a spoofed e-mail sender address via unspecified vectors.
CVE-2015-5856 1 Apple 1 Iphone Os 2025-04-12 N/A
The Application Store component in Apple iOS before 9 allows remote attackers to cause a denial of service to an enterprise-signed app via a crafted ITMS URL.
CVE-2014-1272 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to change arbitrary file permissions by leveraging a symlink.