Apple

watchOS

1646 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-7041

  • EPSS 1.08%
  • Veröffentlicht 11.12.2015 11:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043.

4.3

CVE-2015-7040

  • EPSS 1.08%
  • Veröffentlicht 11.12.2015 11:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043.

6.8

CVE-2015-7039

  • EPSS 27.36%
  • Veröffentlicht 11.12.2015 11:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038.

6.8

CVE-2015-7038

  • EPSS 6.46%
  • Veröffentlicht 11.12.2015 11:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039.

6.8

CVE-2015-7001

  • EPSS 0.91%
  • Veröffentlicht 11.12.2015 11:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app.

2.6

CVE-2015-8035

Exploit
  • EPSS 1.05%
  • Veröffentlicht 18.11.2015 16:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.

6.8

CVE-2015-7942

Exploit
  • EPSS 1.46%
  • Veröffentlicht 18.11.2015 16:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via...

5

CVE-2015-7995

Exploit
  • EPSS 3.04%
  • Veröffentlicht 17.11.2015 15:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.

6.8

CVE-2015-7015

  • EPSS 1.16%
  • Veröffentlicht 23.10.2015 21:59:49
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the DNS client library in configd in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code via a crafted app that sends a spoofed configd response to a client.

6.8

CVE-2015-7006

  • EPSS 1.26%
  • Veröffentlicht 23.10.2015 21:59:41
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.