Export limit exceeded: 23454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 14548 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14548 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-5822 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2025-04-12 | N/A |
| WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | ||||
| CVE-2015-5823 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2025-04-12 | N/A |
| WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | ||||
| CVE-2015-5824 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| The NSURL implementation in the CFNetwork SSL component in Apple iOS before 9 does not properly verify X.509 certificates from SSL servers after a certificate change, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2015-5825 | 1 Apple | 2 Iphone Os, Safari | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9 does not properly restrict the availability of Performance API times, which allows remote attackers to obtain sensitive information about the browser history, mouse movement, or network traffic via crafted JavaScript code. | ||||
| CVE-2015-5847 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| The Disk Images component in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2015-5859 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | N/A |
| The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2015-5860 | 1 Apple | 2 Iphone Os, Watchos | 2025-04-12 | N/A |
| The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site. | ||||
| CVE-2015-5861 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen preview-disabled setting, and reply to an audio message, via unspecified vectors. | ||||
| CVE-2015-5862 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| The Audio component in Apple iOS before 9 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted audio file. | ||||
| CVE-2015-5863 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| IOStorageFamily in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive information from kernel memory via unknown vectors. | ||||
| CVE-2015-5864 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| IOAudioFamily in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. | ||||
| CVE-2015-5865 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| IOGraphics in Apple OS X before 10.11 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. | ||||
| CVE-2015-5866 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| IOHIDFamily in Apple OS X before 10.11 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2015-5877 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5830. | ||||
| CVE-2015-5878 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Notes in Apple OS X before 10.11 misparses links, which allows local users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2015-5879 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | N/A |
| XNU in the kernel in Apple iOS before 9 does not properly validate the headers of TCP packets, which allows remote attackers to bypass the sequence-number protection mechanism and cause a denial of service (TCP connection disruption) via a crafted header. | ||||
| CVE-2015-5880 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| CoreAnimation in Apple iOS before 9 allows attackers to bypass intended IOSurface restrictions and obtain screen-framebuffer access via a crafted background app. | ||||
| CVE-2015-5882 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| The processor_set_tasks API implementation in Apple iOS before 9 allows local users to bypass an entitlement protection mechanism and obtain access to the task ports of arbitrary processes by leveraging root privileges. | ||||
| CVE-2015-5883 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The bidirectional text-display and text-selection implementations in Terminal in Apple OS X before 10.11 interpret directional override formatting characters differently, which allows remote attackers to spoof the content of a text document via a crafted character sequence. | ||||
| CVE-2015-5884 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The Mail Drop feature in Mail in Apple OS X before 10.11 mishandles encryption parameters for attachments, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during transmission of an S/MIME e-mail message with a large attachment. | ||||