Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple iphone os 8.4.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-5770
MobileInstallation in Apple iOS prior to 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows malicious users to replace arbitrary extensions via a crafted enterprise app.
Apple Iphone Os
NA
CVE-2015-3758
UIKit WebView in Apple iOS prior to 8.4.1 allows malicious users to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL.
Apple Iphone Os
NA
CVE-2015-3751
WebKit in Apple Safari prior to 6.2.8, 7.x prior to 7.1.8, and 8.x prior to 8.0.8, as used in iOS prior to 8.4.1 and other products, allows remote malicious users to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element ...
Apple Safari
Apple Iphone Os
NA
CVE-2015-3763
Safari in Apple iOS prior to 8.4.1 does not limit the rate of JavaScript alert messages, which allows remote malicious users to cause a denial of service (apparent browser locking) via a crafted web site.
Apple Iphone Os
NA
CVE-2015-3756
The Certificate UI in Apple iOS prior to 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate malicious users to establish arbitrary certificate trust relationships by completing a dialog.
Apple Iphone Os
NA
CVE-2015-3753
WebKit in Apple Safari prior to 6.2.8, 7.x prior to 7.1.8, and 8.x prior to 8.0.8, as used in iOS prior to 8.4.1 and other products, does not properly perform taint checking for CANVAS elements, which allows remote malicious users to bypass the Same Origin Policy and obtain sensi...
Apple Safari
Apple Iphone Os
NA
CVE-2015-3732
WebKit, as used in Apple iOS prior to 8.4.1 and Safari prior to 6.2.8, 7.x prior to 7.1.8, and 8.x prior to 8.0.8, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vu...
Apple Safari
Apple Iphone Os
NA
CVE-2015-3784
Office Viewer in Apple iOS prior to 8.4.1 and OS X prior to 10.10.5 allows remote malicious users to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Apple Mac Os X
Apple Iphone Os
Apple Numbers
Apple Keynote
Apple Pages
Apple Iwork
NA
CVE-2015-3750
WebKit in Apple Safari prior to 6.2.8, 7.x prior to 7.1.8, and 8.x prior to 8.0.8, as used in iOS prior to 8.4.1 and other products, does not enforce the HTTP Strict Transport Security (HSTS) protection mechanism for Content Security Policy (CSP) report requests, which allows man...
Apple Iphone Os
Apple Safari
NA
CVE-2015-3734
WebKit, as used in Apple iOS prior to 8.4.1 and Safari prior to 6.2.8, 7.x prior to 7.1.8, and 8.x prior to 8.0.8, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vu...
Apple Itunes
Apple Safari
Apple Iphone Os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »