Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Iphone_os
(Apple)| Repositories |
• https://github.com/madler/zlib
• https://github.com/file/file • https://github.com/WebKit/webkit • https://github.com/vadz/libtiff |
| #Vulnerabilities | 3370 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2015-12-11 | CVE-2015-7046 | The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges. | Iphone_os, Mac_os_x, Tvos, Watchos | N/A | ||
| 2015-12-11 | CVE-2015-7043 | The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042. | Iphone_os, Mac_os_x, Tvos, Watchos | N/A | ||
| 2015-12-11 | CVE-2015-7042 | The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043. | Iphone_os, Mac_os_x, Tvos, Watchos | N/A | ||
| 2015-12-11 | CVE-2015-7041 | The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043. | Iphone_os, Mac_os_x, Tvos, Watchos | N/A | ||
| 2015-12-11 | CVE-2015-7040 | The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043. | Iphone_os, Mac_os_x, Tvos, Watchos | N/A | ||
| 2015-12-11 | CVE-2015-7039 | Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038. | Iphone_os, Mac_os_x, Tvos, Watchos | N/A | ||
| 2015-12-11 | CVE-2015-7038 | Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039. | Iphone_os, Mac_os_x, Tvos, Watchos | N/A | ||
| 2015-12-11 | CVE-2015-7037 | Directory traversal vulnerability in Mobile Backup in Photos in Apple iOS before 9.2 allows attackers to read arbitrary files via a crafted pathname. | Iphone_os | N/A | ||
| 2015-11-22 | CVE-2015-7036 | The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument. | Iphone_os, Mac_os_x | N/A | ||
| 2015-10-23 | CVE-2015-7023 | CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors. | Iphone_os, Mac_os_x | N/A |