CVE-2015-5756
- EPSS 3.21%
- Veröffentlicht 17.08.2015 00:00:38
- Zuletzt bearbeitet 06.05.2026 22:30:45
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-380...
CVE-2015-5755
- EPSS 3.4%
- Veröffentlicht 17.08.2015 00:00:36
- Zuletzt bearbeitet 06.05.2026 22:30:45
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.
- EPSS 1.71%
- Veröffentlicht 17.08.2015 00:00:32
- Zuletzt bearbeitet 06.05.2026 22:30:45
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.
CVE-2015-5749
- EPSS 1.36%
- Veröffentlicht 17.08.2015 00:00:28
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.
CVE-2015-5748
- EPSS 0.35%
- Veröffentlicht 17.08.2015 00:00:27
- Zuletzt bearbeitet 06.05.2026 22:30:45
The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume.
- EPSS 1.42%
- Veröffentlicht 17.08.2015 00:00:24
- Zuletzt bearbeitet 06.05.2026 22:30:45
AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via an afc command that leverages symlink mishandling.
CVE-2015-3807
- EPSS 2.41%
- Veröffentlicht 17.08.2015 00:00:22
- Zuletzt bearbeitet 06.05.2026 22:30:45
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.
CVE-2015-3806
- EPSS 0.35%
- Veröffentlicht 17.08.2015 00:00:21
- Zuletzt bearbeitet 06.05.2026 22:30:45
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file.
CVE-2015-3805
- EPSS 0.37%
- Veröffentlicht 17.08.2015 00:00:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802.
CVE-2015-3804
- EPSS 3.64%
- Veröffentlicht 17.08.2015 00:00:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-575...