Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying vulnerability details 41 - 50 of 64713 in total

Apple iOS Vulnerability: CVE-2015-5761 Vulnerability

  • Severity: 7
  • Published: August 15, 2015

CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.

Apple iOS Vulnerability: CVE-2015-3753 Vulnerability

  • Severity: 5
  • Published: August 15, 2015

WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly perform taint checking for CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive image data by leveraging a redirect to a data:image resource.

Apple iOS Vulnerability: CVE-2015-3796 Vulnerability

  • Severity: 8
  • Published: August 15, 2015

The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and CVE-2015-3798.

Apple iOS Vulnerability: CVE-2015-3800 Vulnerability

  • Severity: 7
  • Published: August 15, 2015

The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.

Apple iOS Vulnerability: CVE-2015-5758 Vulnerability

  • Severity: 7
  • Published: August 15, 2015

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.

Apple iOS Vulnerability: CVE-2015-3741 Vulnerability

  • Severity: 7
  • Published: August 15, 2015

WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and AP...

Apple iOS Vulnerability: CVE-2015-3750 Vulnerability

  • Severity: 6
  • Published: August 15, 2015

WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not enforce the HTTP Strict Transport Security (HSTS) protection mechanism for Content Security Policy (CSP) report requests, which allows man-in-the-middle attackers to obtain sensitive information by sniffin...

Apple iOS Vulnerability: CVE-2015-3766 Vulnerability

  • Severity: 4
  • Published: August 15, 2015

The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app.

Apple iOS Vulnerability: CVE-2015-5781 Vulnerability

  • Severity: 4
  • Published: August 15, 2015

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image.

Apple iOS Vulnerability: CVE-2015-3784 Vulnerability

  • Severity: 5
  • Published: August 15, 2015

Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.