Filtered by vendor Apple
Subscriptions
Filtered by product Tvos
Subscriptions
Total
1669 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-4495 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
| The kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not enforce the read-only attribute of a shared memory segment during use of a custom cache mode, which allows attackers to bypass intended access restrictions via a crafted app. | ||||
| CVE-2014-4462 | 1 Apple | 2 Iphone Os, Tvos | 2024-08-06 | N/A |
| WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4452. | ||||
| CVE-2014-4476 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
| WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479. | ||||
| CVE-2014-4492 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
| libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an _networkd context via a crafted XPC message from a sandboxed app, as demonstrated by lack of verification of the XPC dictionary data type. | ||||
| CVE-2014-4488 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
| IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly validate resource-queue metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||||
| CVE-2014-4487 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
| Buffer overflow in IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||||
| CVE-2014-4461 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
| The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application. | ||||
| CVE-2014-4475 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
| WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | ||||
| CVE-2014-4479 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
| WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4477. | ||||
| CVE-2014-4466 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
| WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | ||||
| CVE-2014-4455 | 1 Apple | 2 Iphone Os, Tvos | 2024-08-06 | N/A |
| dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file. | ||||
| CVE-2014-4480 | 1 Apple | 2 Iphone Os, Tvos | 2024-08-06 | N/A |
| Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows attackers to access unintended filesystem locations by creating a symlink. | ||||
| CVE-2014-4473 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
| WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | ||||
| CVE-2014-4485 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
| Buffer overflow in the XML parser in Foundation in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document. | ||||
| CVE-2014-4491 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
| The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app. | ||||
| CVE-2014-4483 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
| Buffer overflow in FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font file in a PDF document. | ||||
| CVE-2014-4496 | 1 Apple | 2 Iphone Os, Tvos | 2024-08-06 | N/A |
| The mach_port_kobject interface in the kernel in Apple iOS before 8.1.3 and Apple TV before 7.0.3 does not properly restrict kernel-address and heap-permutation information, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app. | ||||
| CVE-2014-4468 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
| WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | ||||
| CVE-2014-4477 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
| WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4479. | ||||
| CVE-2014-4481 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-08-06 | N/A |
| Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. | ||||