Filtered by vendor Apple Subscriptions
Total 14575 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-5851 1 Apple 2 Iphone Os, Mac Os X 2025-04-12 N/A
The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not require an encrypted session, which allows local users to obtain cleartext multipeer data via an encrypted-to-unencrypted downgrade attack.
CVE-2015-5869 1 Apple 3 Iphone Os, Mac Os X, Watchos 2025-04-12 N/A
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.
CVE-2015-5870 1 Apple 1 Mac Os X 2025-04-12 N/A
The debugging interfaces in the kernel in Apple OS X before 10.11 allow local users to obtain sensitive memory-layout information via unspecified vectors.
CVE-2015-5872 1 Apple 1 Mac Os X 2025-04-12 N/A
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5873, and CVE-2015-5890.
CVE-2015-5873 1 Apple 1 Mac Os X 2025-04-12 N/A
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5872, and CVE-2015-5890.
CVE-2015-5874 1 Apple 4 Iphone Os, Itunes, Mac Os X and 1 more 2025-04-12 N/A
CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
CVE-2015-5875 1 Apple 1 Mac Os X 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Notes in Apple OS X before 10.11 allows local users to inject arbitrary web script or HTML via crafted text.
CVE-2015-5876 1 Apple 3 Iphone Os, Mac Os X, Watchos 2025-04-12 N/A
dyld in Dev Tools in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2015-5898 1 Apple 2 Iphone Os, Watchos 2025-04-12 N/A
CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.
CVE-2015-5899 1 Apple 3 Iphone Os, Mac Os X, Watchos 2025-04-12 N/A
libpthread in the kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2015-5900 1 Apple 1 Mac Os X 2025-04-12 N/A
The protected range register in the EFI component in Apple OS X before 10.11 has an incorrect value, which allows attackers to cause a denial of service (boot failure) via a crafted app that writes to an unintended address.
CVE-2015-5902 1 Apple 1 Mac Os X 2025-04-12 N/A
The debugging feature in the kernel in Apple OS X before 10.11 mismanages state, which allows local users to cause a denial of service via unspecified vectors.
CVE-2015-5903 1 Apple 3 Iphone Os, Mac Os X, Watchos 2025-04-12 N/A
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896.
CVE-2015-5904 1 Apple 1 Iphone Os 2025-04-12 N/A
Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted web site.
CVE-2015-5905 1 Apple 1 Iphone Os 2025-04-12 N/A
Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted window opener on a web site.
CVE-2015-5906 1 Apple 1 Iphone Os 2025-04-12 N/A
The HTML form implementation in WebKit in Apple iOS before 9 does not prevent QuickType access to the final character of a password, which might make it easier for remote attackers to discover a password by leveraging a later prediction containing that character.
CVE-2015-5918 1 Apple 1 Watch Os 2025-04-12 N/A
GasGauge in Apple watchOS before 2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5919.
CVE-2015-5919 1 Apple 1 Watch Os 2025-04-12 N/A
GasGauge in Apple watchOS before 2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5918.
CVE-2015-5921 1 Apple 1 Iphone Os 2025-04-12 N/A
WebKit in Apple iOS before 9 mishandles "Content-Disposition: attachment" HTTP headers, which might allow man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
CVE-2015-5923 1 Apple 1 Iphone Os 2025-04-12 N/A
Apple iOS before 9.0.2 does not properly restrict the options available on the lock screen, which allows physically proximate attackers to read contact data or view photos via unspecified vectors.