CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 0CVE-2015-5829
https://notcve.org/view.php?id=CVE-2015-5829
Data Detectors Engine in Apple iOS before 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file. Vulnerabilidad en Data Detectors Engine en Apple iOS en versiones anteriores a 9, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo de texto manipulado. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5834
https://notcve.org/view.php?id=CVE-2015-5834
IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Vulnerabilidad en IOAcceleratorFamily en Apple iOS en versiones anteriores a 9, permite a atacantes obtener información sensible de la estructura de memoria del kernel a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5837
https://notcve.org/view.php?id=CVE-2015-5837
PluginKit in Apple iOS before 9 allows attackers to bypass an intended app-trust requirement and install arbitrary extensions via a crafted enterprise app. Vulnerabilidad en PluginKit en Apple iOS en versiones anteriores a 9, permite a atacantes eludir un requisito destinado a app-trust e instalar extensiones arbitrarias a través de una aplicación empresarial manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5885
https://notcve.org/view.php?id=CVE-2015-5885
The CFNetwork Cookies component in Apple iOS before 9 allows remote attackers to track users via vectors involving a cookie for a top-level domain. Vulnerabilidad en el componente CFNetwork Cookies en Apple iOS en versiones anteriores a 9, permite a atacantes remotos rastrear usuarios a través de vectores que involucran una cookie para un dominio top-level. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 1%CPEs: 9EXPL: 4CVE-2015-5522
https://notcve.org/view.php?id=CVE-2015-5522
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href. Desbordamiento de buffer basado en memoria dinámica en la función ParseValue en lexer.c en tidy en versiones anteriores a 4.9.31, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores implicando un carácter de comando en un href. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.debian.org/security/2015/dsa-3309 http://www.openwall.com/lists/oss-security/2015/06/04/2 http://www.openwall.com/lists/oss-security/2015/07/13/7 http://www.openwall.com/lists/oss-security/2015/07/15/3 http://www.securityfocus.com/bid/7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •