Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple iphone os 8.4.1 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2015-3750
WebKit in Apple Safari prior to 6.2.8, 7.x prior to 7.1.8, and 8.x prior to 8.0.8, as used in iOS prior to 8.4.1 and other products, does not enforce the HTTP Strict Transport Security (HSTS) protection mechanism for Content Security Policy (CSP) report requests, which allows man...
Apple Iphone Os
Apple Safari
5
CVSSv2
CVE-2015-3751
WebKit in Apple Safari prior to 6.2.8, 7.x prior to 7.1.8, and 8.x prior to 8.0.8, as used in iOS prior to 8.4.1 and other products, allows remote malicious users to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element ...
Apple Safari
Apple Iphone Os
5
CVSSv2
CVE-2015-3752
The Content Security Policy implementation in WebKit in Apple Safari prior to 6.2.8, 7.x prior to 7.1.8, and 8.x prior to 8.0.8, as used in iOS prior to 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote malicious use...
Apple Safari
Apple Iphone Os
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
5
CVSSv2
CVE-2015-3753
WebKit in Apple Safari prior to 6.2.8, 7.x prior to 7.1.8, and 8.x prior to 8.0.8, as used in iOS prior to 8.4.1 and other products, does not properly perform taint checking for CANVAS elements, which allows remote malicious users to bypass the Same Origin Policy and obtain sensi...
Apple Safari
Apple Iphone Os
4.3
CVSSv2
CVE-2015-3755
WebKit in Apple Safari prior to 6.2.8, 7.x prior to 7.1.8, and 8.x prior to 8.0.8, as used in iOS prior to 8.4.1 and other products, allows remote malicious users to spoof the user interface via a malformed URL.
Apple Safari
Apple Iphone Os
2.1
CVSSv2
CVE-2015-3756
The Certificate UI in Apple iOS prior to 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate malicious users to establish arbitrary certificate trust relationships by completing a dialog.
Apple Iphone Os
4.3
CVSSv2
CVE-2015-3758
UIKit WebView in Apple iOS prior to 8.4.1 allows malicious users to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL.
Apple Iphone Os
4.6
CVSSv2
CVE-2015-3759
Location Framework in Apple iOS prior to 8.4.1 allows local users to bypass intended restrictions on filesystem modification via a symlink.
Apple Iphone Os
4.3
CVSSv2
CVE-2015-3763
Safari in Apple iOS prior to 8.4.1 does not limit the rate of JavaScript alert messages, which allows remote malicious users to cause a denial of service (apparent browser locking) via a crafted web site.
Apple Iphone Os
4.3
CVSSv2
CVE-2015-3766
The kernel in Apple iOS prior to 8.4.1 and OS X prior to 10.10.5 does not properly restrict the mach_port_space_info interface, which allows malicious users to obtain sensitive memory-layout information via a crafted app.
Apple Mac Os X
Apple Iphone Os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »