CVE-2015-5838

SpringBoard in Apple iOS before 9 does not properly restrict access to privileged API calls, which allows attackers to spoof the dialog windows of an arbitrary app via a crafted app...

CVE-2015-5861

SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen preview-disabled setting, and reply to an audio message, via unspecified vectors...

AirDrop Bug in Apple iOS and OSX allows Hackers to Install Malware Silently

With the launch of iOS 9, Apple gave us an ultimate reason to upgrade our Apple devices to its new operating system. The latest iOS 9 includes a security update for a nasty bug that could be exploited to take full control of your iPhone or Macs, forcing most of the Apple users to download the...

APPLE-SA-2015-03-09-1 iOS 8.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-03-09-1 iOS 8.2 iOS 8.2 is now available and addresses the following: CoreTelephony Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A remote attacker can cause a device to unexpectedly...

CVE-2015-1064

Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process...

Design/Logic Flaw

Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process...

CVE-2015-1064

CVE-2015-1064 affects Apple iOS prior to 8.2. The vulnerability resides in Springboard: during activation, an application crash could allow a physically proximate attacker to bypass activation and view the home screen. The reported impact is limited to bypassing the intended activation flow and r...

CVE-2015-1064

Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process...

CVE-2014-4494

Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a...

Design/Logic Flaw

Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a...

CVE-2014-4494

CVE-2014-4494 affects Apple iOS prior to 8.1.3, specifically the Springboard component. The issue is that signatures were not properly validated when deciding whether to solicit an enterprise-app trust decision, enabling bypass of first-launch trust prompts for enterprise-signed apps. The root ca...

CVE-2014-4494

Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a...

Springboard Video Quick Publish 0.2.6 - videolist.php paged Parameter Reflected XSS

The Springboard Video Quick Publish WordPress plugin was affected by a videolist.php paged Parameter Reflected XSS security vulnerability...

Springboard Video Quick Publish 0.2.6 - springboardvideo.php video_id Parameter XSS

The Springboard Video Quick Publish WordPress plugin was affected by a springboardvideo.php videoid Parameter XSS security vulnerability...

WordPress Springboard Video Quick Publish Plugin <= 0.2.6 - Reflected XSS

This plugin is prone to a videolist.php paged parameter cross site scripting vulnerability. Solution Update the plugin...

WordPress Springboard Video Quick Publish Plugin <= 0.2.6 - Reflected XSS

This plugin is prone to a cross site scripting vulnerability in videolist.php paged parameter, springboardvideo.php videoid parameter and sbsearch.php paged parameter. Solution Update the plugin...

CVE-2014-1285

Springboard in Apple iOS before 7.1 allows physically proximate attackers to bypass intended access restrictions and read the home screen by leveraging an application crash during activation of an unactivated device...

CVE-2014-1286

SpringBoard Lock Screen in Apple iOS before 7.1 allows remote attackers to cause a denial of service lock-screen hang by leveraging a state-management error...

Design/Logic Flaw

Springboard in Apple iOS before 7.1 allows physically proximate attackers to bypass intended access restrictions and read the home screen by leveraging an application crash during activation of an unactivated device...

CVE-2014-1286

CVE-2014-1286 is a vulnerability in the Apple iOS SpringBoard Lock Screen described as a state-management error that allows a remote attacker to cause a denial of service (lock-screen hang) on iOS versions prior to 7.1. The connected sources identify this CVE as part of a set of iOS issues resolv...