Filtered by vendor Apple
Subscriptions
Filtered by product Tvos
Subscriptions
Total
1753 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-1292 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1293, and CVE-2014-1294. | ||||
CVE-2014-1291 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. | ||||
CVE-2014-1290 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. | ||||
CVE-2014-1289 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. | ||||
CVE-2014-1287 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages. | ||||
CVE-2014-1282 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
The Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass intended configuration-profile visibility requirements via a long name. | ||||
CVE-2014-1280 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
Video Driver in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to cause a denial of service (NULL pointer dereference and device hang) via a crafted video file with MPEG-4 encoding. | ||||
CVE-2014-1279 | 1 Apple | 1 Tvos | 2024-11-21 | N/A |
Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data. | ||||
CVE-2014-1278 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
The ptmx_get_ioctl function in the ARM kernel in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access and device crash) via a crafted call. | ||||
CVE-2014-1275 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
Buffer overflow in ImageIO in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document. | ||||
CVE-2014-1273 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library. | ||||
CVE-2014-1272 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to change arbitrary file permissions by leveraging a symlink. | ||||
CVE-2014-1271 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
CoreCapture in Apple iOS before 7.1 and Apple TV before 6.1 does not properly validate IOKit API calls, which allows attackers to cause a denial of service (assertion failure and device crash) via a crafted app. | ||||
CVE-2014-1267 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | N/A |
The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile after the date has passed. | ||||
CVE-2014-1266 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-11-21 | 7.4 High |
The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step. | ||||
CVE-2013-5228 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2024-11-21 | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | ||||
CVE-2013-5225 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2024-11-21 | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | ||||
CVE-2013-5199 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2024-11-21 | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | ||||
CVE-2013-5198 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2024-11-21 | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | ||||
CVE-2013-5197 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2024-11-21 | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |