Vulnerability & Exploit Database

Displaying entries 1 - 10 of 278 in total

Results for: CVE-2015-0222 Back to search

FreeBSD: FreeBSD -- Buffer overflow in stdio (FreeBSD-SA-14:27.stdio) (CVE-2014-8611) Vulnerability

  • Severity: 7
  • Published: September 18, 2015

The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.

Apple Safari security update for CVE-2015-5827 Vulnerability

  • Severity: 5
  • Published: September 18, 2015

WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event.

Apple Safari security update for CVE-2015-5826 Vulnerability

  • Severity: 4
  • Published: September 18, 2015

WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

Apple Safari security update for CVE-2015-5825 Vulnerability

  • Severity: 4
  • Published: September 18, 2015

WebKit in Apple iOS before 9 does not properly restrict the availability of Performance API times, which allows remote attackers to obtain sensitive information about the browser history, mouse movement, or network traffic via crafted JavaScript code.

Apple Safari security update for CVE-2015-5823 Vulnerability

  • Severity: 7
  • Published: September 18, 2015

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Apple Safari security update for CVE-2015-5822 Vulnerability

  • Severity: 7
  • Published: September 18, 2015

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Apple Safari security update for CVE-2015-5821 Vulnerability

  • Severity: 7
  • Published: September 18, 2015

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Apple Safari security update for CVE-2015-5820 Vulnerability

  • Severity: 4
  • Published: September 18, 2015

WebKit in Apple iOS before 9 allows remote attackers to trigger a dialing action via a crafted (1) tel://, (2) facetime://, or (3) facetime-audio:// URL.

Apple Safari security update for CVE-2015-5819 Vulnerability

  • Severity: 7
  • Published: September 18, 2015

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Apple Safari security update for CVE-2015-5818 Vulnerability

  • Severity: 7
  • Published: September 18, 2015

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.