Vulnerabilities > Apple > Iphone OS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-12-11 | CVE-2015-7095 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Safari and Tvos WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. | 6.8 |
| 2015-12-11 | CVE-2015-7081 | Unspecified vulnerability in Apple Iphone OS and mac OS X iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 5.0 |
| 2015-12-11 | CVE-2015-7075 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file. | 6.8 |
| 2015-12-11 | CVE-2015-7074 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file. | 6.8 |
| 2015-12-11 | CVE-2015-7073 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake. | 6.8 |
| 2015-12-11 | CVE-2015-7066 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7064. | 6.8 |
| 2015-12-11 | CVE-2015-7065 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 6.8 |
| 2015-12-11 | CVE-2015-7064 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7066. | 6.8 |
| 2015-12-11 | CVE-2015-7062 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and mac OS X Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors. | 4.6 |
| 2015-12-11 | CVE-2015-7058 | Information Exposure vulnerability in Apple Iphone OS, mac OS X and Tvos Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app. | 4.3 |