CVE-2015-1117
- EPSS 0.39%
- Veröffentlicht 10.04.2015 14:59:31
- Zuletzt bearbeitet 06.05.2026 22:30:45
The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with ...
CVE-2015-1114
- EPSS 0.35%
- Veröffentlicht 10.04.2015 14:59:29
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to discover hardware identifiers via a crafted app.
- EPSS 2.14%
- Veröffentlicht 10.04.2015 14:59:25
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Podcasts component in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to discover unique identifiers by reading asset-download request data.
- EPSS 6.9%
- Veröffentlicht 10.04.2015 14:59:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly determine whether an IPv6 packet had a local origin, which allows remote attackers to bypass an intended network-filtering protection mechanism v...
- EPSS 9.11%
- Veröffentlicht 10.04.2015 14:59:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly implement the Urgent (aka out-of-band data) mechanism, which allows remote attackers to cause a denial of service via c...
CVE-2015-1103
- EPSS 2.57%
- Veröffentlicht 10.04.2015 14:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet...
CVE-2015-1102
- EPSS 1.74%
- Veröffentlicht 10.04.2015 14:59:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors.
CVE-2015-1101
- EPSS 0.38%
- Veröffentlicht 10.04.2015 14:59:17
- Zuletzt bearbeitet 06.05.2026 22:30:45
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2015-1100
- EPSS 1.04%
- Veröffentlicht 10.04.2015 14:59:16
- Zuletzt bearbeitet 06.05.2026 22:30:45
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app.
- EPSS 0.25%
- Veröffentlicht 10.04.2015 14:59:15
- Zuletzt bearbeitet 06.05.2026 22:30:45
Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service via a crafted app.