CVSS: 5.3EPSS: 3%CPEs: 17EXPL: 0CVE-2015-1819 – libxml2: denial of service processing a crafted XML document
https://notcve.org/view.php?id=CVE-2015-1819
07 Jul 2015 — The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Vulnerabilidad en el xmlreader en libxml, permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de datos XML manipulados, relacionada con un ataque XML Entity Expansión (XEE). A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 8%CPEs: 3EXPL: 0CVE-2015-3717 – SQLite printf Format String Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-3717
01 Jul 2015 — Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Múltiples desbordamientos de buffer en la funcionalidad printf en SQLite, utilizado en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4, permiten a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de ve... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3725 – Apple Security Advisory 2015-06-30-1
https://notcve.org/view.php?id=CVE-2015-3725
01 Jul 2015 — MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service (ID collision and Watch launch outage) via a crafted universal provisioning profile app. MobileInstallation en Apple iOS anterior a 8.4 no asegura la singularidad de los identificadores de los paquetes Watch, lo que permite a atacantes causar una denegación de servicio (colisión de identificadores y la interrupción del lanzamiento de Watch) a través de una aplica... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3726 – Apple Security Advisory 2015-06-30-1
https://notcve.org/view.php?id=CVE-2015-3726
01 Jul 2015 — The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card. El subsistema Telephony en Apple iOS anterior a 8.4 permite a atacantes físicamente próximos ejecutar código arbitrario a través de una tarjeta (1) SIM o (2) UIM manipulada. iOS 8.4 is now available and addresses denial of service, an incorrect issued certificate, arbitrary code execution, and various other flaws. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 5%CPEs: 1EXPL: 0CVE-2015-3724 – Apple iOS ICC Profile tag count Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-3724
01 Jul 2015 — CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3723. CoreGraphics en Apple iOS anterior a 8.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un perfil ICC manipulado en un documento PDF, una vulnerabilidad diferente a CVE-2015-3723. This vulnerability allows... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 5%CPEs: 3EXPL: 0CVE-2015-3688 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-3688
01 Jul 2015 — CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689. CoreText en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero de texto manipulado, una vulnerabil... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3728 – Apple Security Advisory 2015-06-30-1
https://notcve.org/view.php?id=CVE-2015-3728
01 Jul 2015 — The WiFi Connectivity feature in Apple iOS before 8.4 allows remote Wi-Fi access points to trigger an automatic association, with an arbitrary security type, by operating with a recognized ESSID within an 802.11 network's coverage area. La característica WiFi Connectivity en Apple iOS anterior a 8.4 permite a puntos de acceso remotos de Wi-Fi provocar una asociación automática, con un tipo de seguridad arbitrario, mediante la operación con un ESSID reconocido dentro de la área de cubertura de una red 802.11... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-254: 7PK - Security Features •
CVSS: 8.8EPSS: 5%CPEs: 3EXPL: 0CVE-2015-3687 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-3687
01 Jul 2015 — CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689. CoreText en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero de texto manipulado, una vulnerabil... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 5%CPEs: 3EXPL: 0CVE-2015-3686 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-3686
01 Jul 2015 — CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689. CoreText en Apple iOS anterior a 8.4 y OS X anterior a 10.10.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero de texto manipulado, una vulnerabil... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0CVE-2015-3723 – Apple iOS ICC Profile curv Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-3723
01 Jul 2015 — CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3724. CoreGraphics en Apple iOS anterior a 8.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un perfil ICC manipulado en un documento PDF, una vulnerabilidad diferente a CVE-2015-3724. This vulnerability allows... • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •