NotCVE - vendor:"Apple" product:"Iphone Os" version:"

Page 485 of 3272 results (0.013 seconds)

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-5923

https://notcve.org/view.php?id=CVE-2015-5923

Apple iOS before 9.0.2 does not properly restrict the options available on the lock screen, which allows physically proximate attackers to read contact data or view photos via unspecified vectors. Apple iOS en versiones anteriores a 9.0.2 no restringe adecuadamente las opciones disponibles en la pantalla de bloqueo, lo que permite a atacantes físicamente próximos leer los datos de contactos o ver fotos a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00006.html http://www.securitytracker.com/id/1033687 https://support.apple.com/HT205284 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-5834

https://notcve.org/view.php?id=CVE-2015-5834

IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Vulnerabilidad en IOAcceleratorFamily en Apple iOS en versiones anteriores a 9, permite a atacantes obtener información sensible de la estructura de memoria del kernel a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-5858

https://notcve.org/view.php?id=CVE-2015-5858

The CFNetwork HTTPProtocol component in Apple iOS before 9 allows remote attackers to bypass the HSTS protection mechanism, and consequently obtain sensitive information, via a crafted URL. Vulnerabilidad en el componente CFNetwork HTTPProtocol en Apple iOS en versiones anteriores a 9, permite a atacantes remotos eludir el mecanismo de protección HSTS, y consecuentemente obtener información sensible, a través de una URL manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2015-5823

https://notcve.org/view.php?id=CVE-2015-5823

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. Vulnerabilidad en WebKit, tal como se utiliza en JavaScriptCore en Apple iOS en versiones anteriores a 9 y iTunes en versiones anteriores a 12.3, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a otras CVEs WebKit listadas en APPLE-SA-2015-09-16-1 y APPLE-SA-2015-09-16-3. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205221 https://support.apple.com/HT205265 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-3801

https://notcve.org/view.php?id=CVE-2015-3801

The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors. Vulnerabilidad en la implementación de la API document.cookie en el subsistema CFNetwork Cookies en WebKit en Apple iOS en versiones anteriores a la 9, permite a atacantes remotos eludir una restricción destinada a una única cookie a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205265 • CWE-264: Permissions, Privileges, and Access Controls •

1...483 484 485 486 487