Total
1633 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-1267 | 1 Apple | 2 Iphone Os, Tvos | 2023-12-10 | 5.8 MEDIUM | N/A |
The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile after the date has passed. | |||||
CVE-2014-1368 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. | |||||
CVE-2015-1101 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2023-12-10 | 6.9 MEDIUM | N/A |
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2014-1282 | 1 Apple | 2 Iphone Os, Tvos | 2023-12-10 | 5.8 MEDIUM | N/A |
The Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass intended configuration-profile visibility requirements via a long name. | |||||
CVE-2014-4405 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2023-12-10 | 9.3 HIGH | N/A |
IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties. | |||||
CVE-2014-4383 | 1 Apple | 2 Iphone Os, Tvos | 2023-12-10 | 4.3 MEDIUM | N/A |
The Assets subsystem in Apple iOS before 8 and Apple TV before 7 allows man-in-the-middle attackers to spoof a device's update status via a crafted Last-Modified HTTP response header. | |||||
CVE-2014-1278 | 1 Apple | 2 Iphone Os, Tvos | 2023-12-10 | 7.2 HIGH | N/A |
The ptmx_get_ioctl function in the ARM kernel in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access and device crash) via a crafted call. | |||||
CVE-2015-1069 | 1 Apple | 5 Iphone Os, Itunes, Mac Os X and 2 more | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | |||||
CVE-2014-4469 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2014-1365 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. | |||||
CVE-2014-1356 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2023-12-10 | 10.0 HIGH | N/A |
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages. | |||||
CVE-2014-4485 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the XML parser in Foundation in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document. | |||||
CVE-2014-4461 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2023-12-10 | 9.3 HIGH | N/A |
The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application. | |||||
CVE-2014-4483 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2023-12-10 | 6.8 MEDIUM | N/A |
Buffer overflow in FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font file in a PDF document. | |||||
CVE-2014-4484 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2023-12-10 | 7.5 HIGH | N/A |
FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .dfont file. | |||||
CVE-2015-1100 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2023-12-10 | 5.4 MEDIUM | N/A |
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app. | |||||
CVE-2014-1272 | 1 Apple | 2 Iphone Os, Tvos | 2023-12-10 | 6.3 MEDIUM | N/A |
CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to change arbitrary file permissions by leveraging a symlink. | |||||
CVE-2014-1362 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. | |||||
CVE-2015-1082 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | |||||
CVE-2014-4380 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2023-12-10 | 9.3 HIGH | N/A |
The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application. |