Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apple Subscribe
Total 10175 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-5911 1 Apple 1 Mac Os X Server 2016-12-21 10.0 HIGH N/A
Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document.
CVE-2015-5910 1 Apple 1 Xcode 2016-12-21 3.3 LOW N/A
IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2015-5796 1 Apple 3 Iphone Os, Itunes, Safari 2016-12-21 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
CVE-2015-5797 1 Apple 3 Iphone Os, Itunes, Safari 2016-12-21 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
CVE-2015-5832 1 Apple 1 Iphone Os 2016-12-21 2.1 LOW N/A
The iTunes Store component in Apple iOS before 9 does not properly delete AppleID credentials from the keychain upon a signout action, which might allow physically proximate attackers to obtain sensitive information via unspecified vectors.
CVE-2015-5831 1 Apple 2 Iphone Os, Mac Os X 2016-12-21 5.0 MEDIUM N/A
NetworkExtension in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows attackers to obtain sensitive memory-layout information via a crafted app.
CVE-2015-5837 1 Apple 2 Iphone Os, Watchos 2016-12-21 4.3 MEDIUM N/A
PluginKit in Apple iOS before 9 allows attackers to bypass an intended app-trust requirement and install arbitrary extensions via a crafted enterprise app.
CVE-2015-5799 1 Apple 3 Iphone Os, Itunes, Safari 2016-12-21 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
CVE-2015-5829 1 Apple 2 Iphone Os, Watchos 2016-12-21 6.8 MEDIUM N/A
Data Detectors Engine in Apple iOS before 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file.
CVE-2015-5904 1 Apple 1 Iphone Os 2016-12-21 4.3 MEDIUM N/A
Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted web site.
CVE-2015-5903 1 Apple 3 Iphone Os, Mac Os X, Watchos 2016-12-21 10.0 HIGH N/A
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896.
CVE-2015-5898 1 Apple 2 Iphone Os, Watchos 2016-12-21 2.1 LOW N/A
CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.
CVE-2015-5896 1 Apple 3 Iphone Os, Mac Os X, Watchos 2016-12-21 7.2 HIGH N/A
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5903.
CVE-2015-5874 1 Apple 4 Iphone Os, Itunes, Mac Os X and 1 more 2016-12-21 7.5 HIGH N/A
CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
CVE-2015-5885 1 Apple 3 Iphone Os, Mac Os X, Watchos 2016-12-21 5.0 MEDIUM N/A
The CFNetwork Cookies component in Apple iOS before 9 allows remote attackers to track users via vectors involving a cookie for a top-level domain.
CVE-2015-5798 1 Apple 2 Itunes, Safari 2016-12-21 6.8 MEDIUM N/A
WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3.
CVE-2015-5824 1 Apple 3 Iphone Os, Mac Os X, Watchos 2016-12-21 4.3 MEDIUM N/A
The NSURL implementation in the CFNetwork SSL component in Apple iOS before 9 does not properly verify X.509 certificates from SSL servers after a certificate change, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-5850 1 Apple 1 Iphone Os 2016-12-21 2.1 LOW N/A
AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of incorrect passcode attempts via a device backup.
CVE-2015-5790 1 Apple 3 Iphone Os, Itunes, Safari 2016-12-21 6.8 MEDIUM N/A
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
CVE-2015-5844 1 Apple 2 Iphone Os, Watchos 2016-12-21 9.3 HIGH N/A
IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5845 and CVE-2015-5846.