CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5837
https://notcve.org/view.php?id=CVE-2015-5837
PluginKit in Apple iOS before 9 allows attackers to bypass an intended app-trust requirement and install arbitrary extensions via a crafted enterprise app. Vulnerabilidad en PluginKit en Apple iOS en versiones anteriores a 9, permite a atacantes eludir un requisito destinado a app-trust e instalar extensiones arbitrarias a través de una aplicación empresarial manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5860
https://notcve.org/view.php?id=CVE-2015-5860
The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site. Vulnerabilidad en el componente CFNetwork HTTPProtocol en Apple iOS en versiones anteriores a 9, no maneja correctamente el estado HSTS, lo que permite a atacantes remotos eludir el mecanismo de protección private-browsing de Safari y rastrear a los usuarios a través de un sitio web manipulado. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5876
https://notcve.org/view.php?id=CVE-2015-5876
dyld in Dev Tools in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Vulnerabilidad en dyld en Dev Tools en Apple iOS en versiones anteriores a 9, permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5899
https://notcve.org/view.php?id=CVE-2015-5899
libpthread in the kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. Vulnerabilidad en libpthread en el kernel en Apple iOS en versiones anteriores a 9, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5903
https://notcve.org/view.php?id=CVE-2015-5903
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896. Vulnerabilidad en el kernel en Apple iOS en versiones anteriores a 9, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5868 y CVE-2015-5896. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •