Vulnerabilities > Apple > Iphone OS > 7.0.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-09-18 | CVE-2014-4381 | Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application. | 9.3 |
| 2014-09-18 | CVE-2014-4380 | Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application. | 9.3 |
| 2014-09-18 | CVE-2014-4379 | Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application. | 7.1 |
| 2014-09-18 | CVE-2014-4378 | Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document. | 5.8 |
| 2014-09-18 | CVE-2014-4377 | Numeric Errors vulnerability in Apple Iphone OS, mac OS X and Tvos Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. | 6.8 |
| 2014-09-18 | CVE-2014-4375 | Local Memory Corruption vulnerability in Apple Iphone OS, mac OS X and Tvos Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports. | 7.2 |
| 2014-09-18 | CVE-2014-4374 | XML External Entity Information Disclosure vulnerability in Apple Iphone OS and mac OS X NSXMLParser in Foundation in Apple iOS before 8 allows attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 5.0 |
| 2014-09-18 | CVE-2014-4373 | NULL Pointer Dereference Denial of Service vulnerability in Apple Iphone OS, mac OS X and Tvos The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application. | 7.8 |
| 2014-09-18 | CVE-2014-4372 | Link Following vulnerability in Apple Iphone OS and Tvos syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to change the permissions of arbitrary files via a symlink attack on an unspecified file. | 3.6 |
| 2014-09-18 | CVE-2014-4371 | Improper Initialization vulnerability in Apple Iphone OS, mac OS X and Tvos The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421. | 1.9 |