Apple

iPhone OS

3904 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2016-1814

  • EPSS 0.24%
  • Veröffentlicht 20.05.2016 10:59:27
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.

9.3

CVE-2016-1813

Exploit
  • EPSS 4.63%
  • Veröffentlicht 20.05.2016 10:59:25
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL p...

6.5

CVE-2016-1811

  • EPSS 1.03%
  • Veröffentlicht 20.05.2016 10:59:23
  • Zuletzt bearbeitet 12.04.2025 10:46:40

ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.

9.3

CVE-2016-1808

  • EPSS 0.47%
  • Veröffentlicht 20.05.2016 10:59:20
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted ap...

5.1

CVE-2016-1807

Exploit
  • EPSS 0.13%
  • Veröffentlicht 20.05.2016 10:59:19
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors.

7.8

CVE-2016-1803

Exploit
  • EPSS 6.66%
  • Veröffentlicht 20.05.2016 10:59:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

5.5

CVE-2016-1802

  • EPSS 0.26%
  • Veröffentlicht 20.05.2016 10:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CCCrypt in CommonCrypto in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 mishandles return values during key-length calculations, which allows attackers to obtain sensitive information via a crafted app.

7.5

CVE-2016-1801

  • EPSS 7.72%
  • Veröffentlicht 20.05.2016 10:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors.

4.3

CVE-2016-1790

  • EPSS 0.24%
  • Veröffentlicht 20.05.2016 10:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the Accessibility component in Apple iOS before 9.3.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

6.2

CVE-2016-1760

  • EPSS 0.06%
  • Veröffentlicht 29.03.2016 15:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The XPC Services API in LaunchServices in Apple iOS before 9.3 allows attackers to bypass intended event-handler restrictions and modify an arbitrary app's events via a crafted app.