Vulnerabilities > Apple > Iphone OS > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-11-18 | CVE-2014-4455 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and Tvos dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file. | 2.1 |
2014-11-18 | CVE-2014-4460 | Information Exposure vulnerability in Apple Iphone OS and mac OS X CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files. | 2.1 |
2014-11-18 | CVE-2014-4463 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature. | 2.1 |
2014-10-22 | CVE-2014-4448 | Cryptographic Issues vulnerability in Apple Iphone OS House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID. | 1.9 |
2014-10-22 | CVE-2014-4450 | Credentials Management vulnerability in Apple Iphone OS The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discover credentials by reading credential values within unintended DOM input elements. | 1.9 |
2014-09-18 | CVE-2014-4352 | Cryptographic Issues vulnerability in Apple Iphone OS Address Book in Apple iOS before 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID. | 2.1 |
2014-09-18 | CVE-2014-4356 | Information Exposure vulnerability in Apple Iphone OS Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen. | 2.1 |
2014-09-18 | CVE-2014-4357 | Information Exposure vulnerability in Apple Iphone OS and Tvos Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows attackers to obtain sensitive information by reading log data that was not intended to be present in a log. | 2.1 |
2014-09-18 | CVE-2014-4364 | Cryptographic Issues vulnerability in Apple Iphone OS and Tvos The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash. | 2.9 |
2014-09-18 | CVE-2014-4367 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Apple iOS before 8 enables Voice Dial during all upgrade actions, which makes it easier for physically proximate attackers to launch unintended calls by speaking a telephone number. | 2.1 |