Total
3262 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-4378 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 5.8 MEDIUM | N/A |
| CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document. | |||||
| CVE-2014-4379 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 7.1 HIGH | N/A |
| An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application. | |||||
| CVE-2014-4380 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 9.3 HIGH | N/A |
| The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application. | |||||
| CVE-2014-4381 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 9.3 HIGH | N/A |
| Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application. | |||||
| CVE-2014-4383 | 1 Apple | 2 Iphone Os, Tvos | 2019-03-08 | 4.3 MEDIUM | N/A |
| The Assets subsystem in Apple iOS before 8 and Apple TV before 7 allows man-in-the-middle attackers to spoof a device's update status via a crafted Last-Modified HTTP response header. | |||||
| CVE-2014-4388 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 9.3 HIGH | 7.8 HIGH |
| IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418. | |||||
| CVE-2014-4389 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 9.3 HIGH | N/A |
| Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments. | |||||
| CVE-2014-4404 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties. | |||||
| CVE-2014-4405 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 9.3 HIGH | N/A |
| IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties. | |||||
| CVE-2014-4407 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 4.3 MEDIUM | 3.3 LOW |
| IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls. | |||||
| CVE-2014-4408 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 6.9 MEDIUM | N/A |
| The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call. | |||||
| CVE-2014-4410 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. | |||||
| CVE-2014-4411 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. | |||||
| CVE-2014-4412 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. | |||||
| CVE-2014-4413 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. | |||||
| CVE-2014-4414 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. | |||||
| CVE-2014-4415 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2019-03-08 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. | |||||
| CVE-2014-4418 | 1 Apple | 2 Iphone Os, Tvos | 2019-03-08 | 9.3 HIGH | 7.8 HIGH |
| IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4388. | |||||
| CVE-2014-4419 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 1.9 LOW | N/A |
| The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4420, and CVE-2014-4421. | |||||
| CVE-2014-4420 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 1.9 LOW | N/A |
| The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421. | |||||