Apple

iPhone OS

3904 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2015-7064

  • EPSS 1.23%
  • Veröffentlicht 11.12.2015 11:59:30
  • Zuletzt bearbeitet 12.04.2025 10:46:40

OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE...

4.6

CVE-2015-7062

  • EPSS 0.06%
  • Veröffentlicht 11.12.2015 11:59:27
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors.

4.3

CVE-2015-7058

  • EPSS 0.52%
  • Veröffentlicht 11.12.2015 11:59:24
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app.

9.3

CVE-2015-7055

  • EPSS 0.62%
  • Veröffentlicht 11.12.2015 11:59:21
  • Zuletzt bearbeitet 12.04.2025 10:46:40

AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 does not prevent changes to access-control structures, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

6.8

CVE-2015-7054

  • EPSS 1.14%
  • Veröffentlicht 11.12.2015 11:59:20
  • Zuletzt bearbeitet 12.04.2025 10:46:40

zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafte...

6.8

CVE-2015-7053

  • EPSS 3.4%
  • Veröffentlicht 11.12.2015 11:59:19
  • Zuletzt bearbeitet 12.04.2025 10:46:40

ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.

9.3

CVE-2015-7051

  • EPSS 0.76%
  • Veröffentlicht 11.12.2015 11:59:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

4.3

CVE-2015-7050

  • EPSS 0.58%
  • Veröffentlicht 11.12.2015 11:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit in Apple iOS before 9.2 and Safari before 9.0.2 misparses content extensions, which allows remote attackers to obtain sensitive browsing-history information via a crafted web site.

6.8

CVE-2015-7048

  • EPSS 1.01%
  • Veröffentlicht 11.12.2015 11:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than C...

7.2

CVE-2015-7047

  • EPSS 0.75%
  • Veröffentlicht 11.12.2015 11:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.