Vulnerabilities > Apple > Iphone OS > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-09-18 | CVE-2014-4371 | Improper Initialization vulnerability in Apple Iphone OS, mac OS X and Tvos The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421. | 1.9 |
2014-09-18 | CVE-2014-4372 | Link Following vulnerability in Apple Iphone OS and Tvos syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to change the permissions of arbitrary files via a symlink attack on an unspecified file. | 3.6 |
2014-09-18 | CVE-2014-4384 | Path Traversal vulnerability in Apple Iphone OS Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validation of an unintended bundle. | 1.9 |
2014-09-18 | CVE-2014-4386 | Race Condition vulnerability in Apple Iphone OS Race condition in the App Installation feature in Apple iOS before 8 allows local users to gain privileges and install unverified apps by leveraging /tmp write access. | 1.9 |
2014-09-18 | CVE-2014-4419 | Security vulnerability in Apple Iphone OS, mac OS X and Tvos The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4420, and CVE-2014-4421. local apple | 1.9 |
2014-09-18 | CVE-2014-4420 | Security vulnerability in Apple Iphone OS, mac OS X and Tvos The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421. local apple | 1.9 |
2014-09-18 | CVE-2014-4421 | Security vulnerability in Apple Iphone OS, mac OS X and Tvos The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420. local apple | 1.9 |
2014-07-01 | CVE-2014-1348 | Cryptographic Issues vulnerability in Apple Iphone OS Mail in Apple iOS before 7.1.2 advertises the availability of data protection for attachments but stores cleartext attachments under mobile/Library/Mail/, which makes it easier for physically proximate attackers to obtain sensitive information by mounting the data partition. | 2.1 |
2014-07-01 | CVE-2014-1351 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Siri in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended lock-screen passcode requirement, and read a contact list, via a Siri request that refers to a contact ambiguously. | 3.6 |
2014-07-01 | CVE-2014-1352 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Lock Screen in Apple iOS before 7.1.2 does not properly enforce the limit on failed passcode attempts, which makes it easier for physically proximate attackers to conduct brute-force passcode-guessing attacks via unspecified vectors. | 1.9 |