Vulnerabilities > Apple > Iphone OS > 8.1.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-07-03 | CVE-2015-3690 | Information Exposure vulnerability in Apple Iphone OS and mac OS X The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app. | 4.3 |
| 2015-07-03 | CVE-2015-3689 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688. | 6.8 |
| 2015-07-03 | CVE-2015-3688 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Itunes and mac OS X CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689. | 6.8 |
| 2015-07-03 | CVE-2015-3687 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Itunes and mac OS X CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689. | 6.8 |
| 2015-07-03 | CVE-2015-3686 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Itunes and mac OS X CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689. | 6.8 |
| 2015-07-03 | CVE-2015-3685 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689. | 6.8 |
| 2015-07-03 | CVE-2015-3684 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL. | 6.8 |
| 2015-07-03 | CVE-2015-3659 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS, mac OS X and Safari The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. | 6.8 |
| 2015-07-03 | CVE-2015-3658 | 7PK - Security Features vulnerability in Apple Iphone OS, mac OS X and Safari The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site. | 6.8 |
| 2015-05-28 | CVE-2015-1157 | Code vulnerability in Apple Iphone OS, Itunes and mac OS X CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message. | 7.8 |