Vulnerabilities > Apple > Iphone OS > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-04-10 | CVE-2015-1107 | Multiple Security vulnerability in Apple iOS APPLE-SA-2015-04-08-3 The Lock Screen component in Apple iOS before 8.3 does not properly implement the erasure feature for incorrect passcode-authentication attempts, which makes it easier for physically proximate attackers to obtain access by making many passcode guesses. local apple | 1.9 |
2015-04-10 | CVE-2015-1108 | Information Exposure vulnerability in Apple Iphone OS The Lock Screen component in Apple iOS before 8.3 does not properly enforce the limit on incorrect passcode-authentication attempts, which makes it easier for physically proximate attackers to obtain access by making many passcode guesses. | 2.1 |
2015-04-10 | CVE-2015-1109 | Information Exposure vulnerability in Apple Iphone OS NetworkExtension in Apple iOS before 8.3 stores credentials in VPN configuration logs, which makes it easier for physically proximate attackers to obtain sensitive information by reading a log file. | 2.1 |
2015-04-10 | CVE-2015-1113 | Information Exposure vulnerability in Apple Iphone OS The Sandbox Profiles component in Apple iOS before 8.3 allows attackers to read the (1) telephone number or (2) e-mail address of a recent contact via a crafted app. | 1.9 |
2015-04-10 | CVE-2015-1114 | Information Exposure vulnerability in Apple Iphone OS and Tvos The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to discover hardware identifiers via a crafted app. | 1.9 |
2015-04-10 | CVE-2015-1116 | Information Exposure vulnerability in Apple Iphone OS The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen. | 2.1 |
2015-03-12 | CVE-2015-1064 | Information Exposure vulnerability in Apple Iphone OS Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process. | 1.9 |
2015-01-14 | CVE-2014-5231 | Information Exposure vulnerability in Siemens Simatic Wincc Sm@Rtclient 1.0 The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to extract the password from storage via unspecified vectors. | 2.1 |
2015-01-14 | CVE-2014-5232 | Permissions, Privileges, and Access Controls vulnerability in Siemens Simatic Wincc Sm@Rtclient 1.0 The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an intended application-password requirement by leveraging the running of the app in the background state. | 1.9 |
2015-01-14 | CVE-2014-5233 | Information Exposure vulnerability in Siemens Simatic Wincc Sm@Rtclient 1.0 The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to discover Sm@rtServer credentials by leveraging an error in the credential-processing mechanism. | 1.9 |