Apple

iPhone OS

3904 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2015-6986

  • EPSS 1.05%
  • Veröffentlicht 23.10.2015 10:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

com.apple.driver.AppleVXD393 in the Graphics Driver subsystem in Apple iOS before 9.1 allows attackers to execute arbitrary code via a crafted app that leverages an unspecified "type confusion."

6.8

CVE-2015-6982

  • EPSS 1.31%
  • Veröffentlicht 23.10.2015 10:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE...

6.8

CVE-2015-6981

  • EPSS 1.31%
  • Veröffentlicht 23.10.2015 10:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE...

9.3

CVE-2015-6979

  • EPSS 1.47%
  • Veröffentlicht 23.10.2015 10:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

GasGauge in Apple iOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

7.5

CVE-2015-6975

  • EPSS 2.13%
  • Veröffentlicht 23.10.2015 10:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6992 a...

2.1

CVE-2015-5923

  • EPSS 0.07%
  • Veröffentlicht 09.10.2015 05:59:39
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Apple iOS before 9.0.2 does not properly restrict the options available on the lock screen, which allows physically proximate attackers to read contact data or view photos via unspecified vectors.

4.3

CVE-2015-5921

  • EPSS 0.3%
  • Veröffentlicht 18.09.2015 12:01:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit in Apple iOS before 9 mishandles "Content-Disposition: attachment" HTTP headers, which might allow man-in-the-middle attackers to obtain sensitive information via unspecified vectors.

4.3

CVE-2015-5916

  • EPSS 0.56%
  • Veröffentlicht 18.09.2015 12:00:57
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Apple Pay component in Apple iOS before 9 allows remote terminals to obtain sensitive recent-transaction information during payments by leveraging the transaction-log feature.

5

CVE-2015-5912

  • EPSS 0.52%
  • Veröffentlicht 18.09.2015 12:00:56
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger TCP connection attempts to intranet hosts via crafted responses.

2.6

CVE-2015-5907

  • EPSS 0.16%
  • Veröffentlicht 18.09.2015 12:00:48
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit in Apple iOS before 9 allows man-in-the-middle attackers to conduct redirection attacks by leveraging the mishandling of the resource cache of an SSL web site with an invalid X.509 certificate.