Filtered by vendor Apple
Subscriptions
Filtered by product Iphone Os
Subscriptions
Total
3666 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-4471 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | ||||
CVE-2014-4470 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | ||||
CVE-2014-4493 | 1 Apple | 1 Iphone Os | 2024-08-06 | N/A |
The app-installation functionality in MobileInstallation in Apple iOS before 8.1.3 allows attackers to obtain control of the local app container by leveraging access to an enterprise distribution certificate for signing a crafted app. | ||||
CVE-2014-4469 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | ||||
CVE-2014-4467 | 1 Apple | 1 Iphone Os | 2024-08-06 | N/A |
WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site. | ||||
CVE-2014-4474 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | ||||
CVE-2014-4472 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | ||||
CVE-2014-4495 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
The kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not enforce the read-only attribute of a shared memory segment during use of a custom cache mode, which allows attackers to bypass intended access restrictions via a crafted app. | ||||
CVE-2014-4494 | 1 Apple | 1 Iphone Os | 2024-08-06 | N/A |
Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app. | ||||
CVE-2014-4462 | 1 Apple | 2 Iphone Os, Tvos | 2024-08-06 | N/A |
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4452. | ||||
CVE-2014-4476 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479. | ||||
CVE-2014-4463 | 1 Apple | 1 Iphone Os | 2024-08-06 | N/A |
Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature. | ||||
CVE-2014-4492 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an _networkd context via a crafted XPC message from a sandboxed app, as demonstrated by lack of verification of the XPC dictionary data type. | ||||
CVE-2014-4488 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly validate resource-queue metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||||
CVE-2014-4487 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
Buffer overflow in IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||||
CVE-2014-4461 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application. | ||||
CVE-2014-4475 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | ||||
CVE-2014-4450 | 1 Apple | 1 Iphone Os | 2024-08-06 | N/A |
The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discover credentials by reading credential values within unintended DOM input elements. | ||||
CVE-2014-4479 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4477. | ||||
CVE-2014-4466 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |