Total
1649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-5842 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | 2.1 LOW | N/A |
| XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive memory-layout information via unknown vectors. | |||||
| CVE-2015-5916 | 1 Apple | 2 Iphone Os, Watchos | 2025-04-12 | 4.3 MEDIUM | N/A |
| The Apple Pay component in Apple iOS before 9 allows remote terminals to obtain sensitive recent-transaction information during payments by leveraging the transaction-log feature. | |||||
| CVE-2016-1721 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2016-1762 | 6 Apple, Canonical, Debian and 3 more | 15 Iphone Os, Mac Os X, Safari and 12 more | 2025-04-12 | 5.8 MEDIUM | 8.1 HIGH |
| The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. | |||||
| CVE-2015-6997 | 1 Apple | 2 Iphone Os, Watchos | 2025-04-12 | 4.3 MEDIUM | N/A |
| The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate. | |||||
| CVE-2015-7001 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app. | |||||
| CVE-2015-7060 | 1 Apple | 3 Mac Os X, Tvos, Watchos | 2025-04-12 | 6.8 MEDIUM | N/A |
| The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7061. | |||||
| CVE-2016-1726 | 1 Apple | 3 Iphone Os, Safari, Watchos | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
| WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1725. | |||||
| CVE-2016-4738 | 2 Apple, Debian | 5 Iphone Os, Mac Os X, Tvos and 2 more | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
| libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | |||||
| CVE-2016-4726 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2015-5876 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | 9.3 HIGH | N/A |
| dyld in Dev Tools in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2015-5939 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | 6.8 MEDIUM | N/A |
| ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image, a different vulnerability than CVE-2015-5935, CVE-2015-5936, and CVE-2015-5937. | |||||
| CVE-2016-1748 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | 4.3 MEDIUM | 3.3 LOW |
| IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. | |||||
| CVE-2016-1841 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
| libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | |||||
| CVE-2015-5523 | 4 Apple, Canonical, Debian and 1 more | 6 Iphone Os, Mac Os X, Watchos and 3 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation. | |||||
| CVE-2015-3416 | 5 Apple, Canonical, Debian and 2 more | 6 Mac Os X, Watchos, Ubuntu Linux and 3 more | 2025-04-12 | 7.5 HIGH | N/A |
| The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement. | |||||
| CVE-2016-1727 | 2 Apple, Webkitgtk | 5 Iphone Os, Safari, Tvos and 2 more | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
| WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1724. | |||||
| CVE-2015-5844 | 1 Apple | 2 Iphone Os, Watchos | 2025-04-12 | 9.3 HIGH | N/A |
| IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5845 and CVE-2015-5846. | |||||
| CVE-2016-4737 | 1 Apple | 4 Iphone Os, Safari, Tvos and 1 more | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
| WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | |||||
| CVE-2015-5843 | 1 Apple | 2 Iphone Os, Watchos | 2025-04-12 | 7.2 HIGH | N/A |
| IOMobileFrameBuffer in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | |||||