Iphone Os Security Vulnerabilities and Issues — Iphone Os CVE List

Lucene search

AppleIphone Os

22 matches found

CVE•added 2015/03/11 1:59 a.m.•93 views

CVE-2015-1067

Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue,...

4.3CVSS5.8AI score0.88519EPSS

CVE•added 2015/03/18 10:59 p.m.•73 views

CVE-2015-1069

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03...

6.8CVSS8.8AI score0.00872EPSS

CVE•added 2015/03/18 10:59 p.m.•71 views

CVE-2015-1071

6.8CVSS8.8AI score0.00805EPSS

CVE•added 2015/03/12 10:59 a.m.•66 views

CVE-2015-1065

Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 and Apple OS X through 10.10.2 allow man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream during keychain recovery.

5.4CVSS7.1AI score0.00231EPSS

CVE•added 2015/03/18 10:59 p.m.•65 views

CVE-2015-1077

6.8CVSS8.8AI score0.00913EPSS

CVE•added 2015/03/12 10:59 a.m.•60 views

CVE-2015-1061

IOSurface in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages "type confusion" during serialized-object handling.

9.3CVSS6.8AI score0.01725EPSS

CVE•added 2015/03/18 10:59 p.m.•59 views

CVE-2015-1074

6.8CVSS7.8AI score0.00787EPSS

CVE•added 2015/03/18 10:59 p.m.•59 views

CVE-2015-1078

6.8CVSS7.8AI score0.00913EPSS

CVE•added 2015/03/18 10:59 p.m.•59 views

CVE-2015-1083

6.8CVSS7.8AI score0.00861EPSS

CVE•added 2015/03/18 10:59 p.m.•58 views

CVE-2015-1076

6.8CVSS8.8AI score0.00805EPSS

CVE•added 2015/03/18 10:59 p.m.•56 views

CVE-2015-1079

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•55 views

CVE-2015-1082

6.8CVSS8.8AI score0.00913EPSS

CVE•added 2015/03/18 10:59 p.m.•54 views

CVE-2015-1081

6.8CVSS8.8AI score0.00861EPSS

CVE•added 2015/03/18 10:59 p.m.•53 views

CVE-2015-1070

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2015/03/18 10:59 p.m.•52 views

CVE-2015-1072

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2015/03/18 10:59 p.m.•51 views

CVE-2015-1080

6.8CVSS7.8AI score0.00913EPSS

CVE•added 2015/03/18 10:59 p.m.•49 views

CVE-2015-1068

6.8CVSS8.8AI score0.00853EPSS

CVE•added 2015/03/18 10:59 p.m.•48 views

CVE-2015-1073

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2015/03/12 10:59 a.m.•46 views

CVE-2015-1062

MobileStorageMounter in Apple iOS before 8.2 and Apple TV before 7.1 does not delete invalid disk-image folders, which allows attackers to create folders in arbitrary filesystem locations via a crafted app.

5CVSS5.7AI score0.00336EPSS

CVE•added 2015/03/18 10:59 p.m.•46 views

CVE-2015-1084

The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL.

5CVSS6AI score0.00434EPSS

CVE•added 2015/03/12 10:59 a.m.•43 views

CVE-2015-1063

CoreTelephony in Apple iOS before 8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a Class 0 SMS message.

7.8CVSS6AI score0.00693EPSS

CVE•added 2015/03/12 10:59 a.m.•40 views

CVE-2015-1064

Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process.

1.9CVSS5.7AI score0.00068EPSS