CVE-2015-3689
- EPSS 3.12%
- Veröffentlicht 03.07.2015 01:59:44
- Zuletzt bearbeitet 06.05.2026 22:30:45
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015...
CVE-2015-3688
- EPSS 3.3%
- Veröffentlicht 03.07.2015 01:59:43
- Zuletzt bearbeitet 06.05.2026 22:30:45
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015...
CVE-2015-3687
- EPSS 3.3%
- Veröffentlicht 03.07.2015 01:59:42
- Zuletzt bearbeitet 06.05.2026 22:30:45
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015...
CVE-2015-3686
- EPSS 3.3%
- Veröffentlicht 03.07.2015 01:59:41
- Zuletzt bearbeitet 06.05.2026 22:30:45
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015...
CVE-2015-3685
- EPSS 3.12%
- Veröffentlicht 03.07.2015 01:59:40
- Zuletzt bearbeitet 06.05.2026 22:30:45
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015...
CVE-2015-3684
- EPSS 3.3%
- Veröffentlicht 03.07.2015 01:59:39
- Zuletzt bearbeitet 06.05.2026 22:30:45
The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.
CVE-2015-3659
- EPSS 2.77%
- Veröffentlicht 03.07.2015 01:59:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows re...
CVE-2015-3658
- EPSS 2%
- Veröffentlicht 03.07.2015 01:59:17
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, w...
CVE-2015-1157
- EPSS 5.55%
- Veröffentlicht 28.05.2015 01:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated...
CVE-2014-8146
- EPSS 24.47%
- Veröffentlicht 25.05.2015 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows ...