Export limit exceeded: 13754 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13754 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-5879 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | N/A |
| XNU in the kernel in Apple iOS before 9 does not properly validate the headers of TCP packets, which allows remote attackers to bypass the sequence-number protection mechanism and cause a denial of service (TCP connection disruption) via a crafted header. | ||||
| CVE-2015-5880 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| CoreAnimation in Apple iOS before 9 allows attackers to bypass intended IOSurface restrictions and obtain screen-framebuffer access via a crafted background app. | ||||
| CVE-2015-5882 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| The processor_set_tasks API implementation in Apple iOS before 9 allows local users to bypass an entitlement protection mechanism and obtain access to the task ports of arbitrary processes by leveraging root privileges. | ||||
| CVE-2015-5883 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The bidirectional text-display and text-selection implementations in Terminal in Apple OS X before 10.11 interpret directional override formatting characters differently, which allows remote attackers to spoof the content of a text document via a crafted character sequence. | ||||
| CVE-2015-5884 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The Mail Drop feature in Mail in Apple OS X before 10.11 mishandles encryption parameters for attachments, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during transmission of an S/MIME e-mail message with a large attachment. | ||||
| CVE-2015-5903 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896. | ||||
| CVE-2015-5904 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted web site. | ||||
| CVE-2015-5905 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted window opener on a web site. | ||||
| CVE-2015-5906 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| The HTML form implementation in WebKit in Apple iOS before 9 does not prevent QuickType access to the final character of a password, which might make it easier for remote attackers to discover a password by leveraging a later prediction containing that character. | ||||
| CVE-2015-5907 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9 allows man-in-the-middle attackers to conduct redirection attacks by leveraging the mishandling of the resource cache of an SSL web site with an invalid X.509 certificate. | ||||
| CVE-2015-5909 | 1 Apple | 1 Xcode | 2025-04-12 | N/A |
| IDE Xcode Server in Apple Xcode before 7.0 does not properly restrict access to repository e-mail lists, which allows remote attackers to obtain potentially sensitive build information in opportunistic circumstances by leveraging incorrect notification delivery. | ||||
| CVE-2015-5910 | 1 Apple | 1 Xcode | 2025-04-12 | N/A |
| IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2015-5911 | 1 Apple | 1 Mac Os X Server | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document. | ||||
| CVE-2015-5912 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | N/A |
| The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger TCP connection attempts to intranet hosts via crafted responses. | ||||
| CVE-2015-5913 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Heimdal, as used in Apple OS X before 10.11, allows remote attackers to conduct replay attacks against the SMB server via packet data that represents a Kerberos authenticated request. | ||||
| CVE-2015-5914 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a "Thunderstrike" issue. NOTE: this issue exists because of an incomplete fix for CVE-2014-4498. | ||||
| CVE-2015-5915 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Apple OS X before 10.11 does not ensure that the keychain's lock state is displayed correctly, which has unspecified impact and attack vectors. | ||||
| CVE-2015-5916 | 1 Apple | 2 Iphone Os, Watchos | 2025-04-12 | N/A |
| The Apple Pay component in Apple iOS before 9 allows remote terminals to obtain sensitive recent-transaction information during payments by leveraging the transaction-log feature. | ||||
| CVE-2015-5917 | 2 Apple, Netbsd | 2 Mac Os X, Tnftpd | 2025-04-12 | N/A |
| The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X before 10.11, allows remote attackers to cause a denial of service (memory consumption and daemon outage) via a STAT command containing a crafted pattern, as demonstrated by multiple instances of the {..,..,..}/* substring. | ||||
| CVE-2015-5918 | 1 Apple | 1 Watch Os | 2025-04-12 | N/A |
| GasGauge in Apple watchOS before 2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5919. | ||||