Vulnerabilities > Apple
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-09-18 | CVE-2014-4407 | Information Exposure vulnerability in Apple Iphone OS, mac OS X and Tvos IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls. | 4.3 |
2014-09-18 | CVE-2014-4405 | NULL Pointer Dereference Remote Code Execution vulnerability in Apple Iphone OS, mac OS X and Tvos IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties. | 9.3 |
2014-09-18 | CVE-2014-4404 | Out-of-bounds Write vulnerability in Apple Iphone OS and mac OS X Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties. | 7.8 |
2014-09-18 | CVE-2014-4389 | Numeric Errors vulnerability in Apple Iphone OS, mac OS X and Tvos Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments. | 9.3 |
2014-09-18 | CVE-2014-4388 | Improper Input Validation vulnerability in Apple Iphone OS, mac OS X and Tvos IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418. | 9.3 |
2014-09-18 | CVE-2014-4386 | Race Condition vulnerability in Apple Iphone OS Race condition in the App Installation feature in Apple iOS before 8 allows local users to gain privileges and install unverified apps by leveraging /tmp write access. | 1.9 |
2014-09-18 | CVE-2014-4384 | Path Traversal vulnerability in Apple Iphone OS Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validation of an unintended bundle. | 1.9 |
2014-09-18 | CVE-2014-4383 | Improper Input Validation vulnerability in Apple Iphone OS and Tvos The Assets subsystem in Apple iOS before 8 and Apple TV before 7 allows man-in-the-middle attackers to spoof a device's update status via a crafted Last-Modified HTTP response header. | 4.3 |
2014-09-18 | CVE-2014-4381 | Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application. | 9.3 |
2014-09-18 | CVE-2014-4380 | Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application. | 9.3 |