Vulnerabilities > Apple > Tvos > 1.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-09-18 | CVE-2014-4422 | Cryptographic Issues vulnerability in Apple Iphone OS and Tvos The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardening protection mechanisms by using a user-space process to observe data related to the random numbers. | 8.1 |
| 2014-09-18 | CVE-2014-4418 | Improper Input Validation vulnerability in Apple Iphone OS IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4388. | 7.8 |
| 2014-09-18 | CVE-2014-4407 | Information Exposure vulnerability in Apple Iphone OS and Tvos IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls. | 3.3 |
| 2014-09-18 | CVE-2014-4404 | Out-of-bounds Write vulnerability in Apple Iphone OS and mac OS X Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties. | 7.8 |
| 2014-09-18 | CVE-2014-4388 | Improper Input Validation vulnerability in Apple mac OS X IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418. | 7.8 |
| 2014-09-18 | CVE-2014-4375 | Unspecified vulnerability in Apple mac OS X Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports. | 7.8 |
| 2014-09-18 | CVE-2014-4373 | Unspecified vulnerability in Apple Iphone OS The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application. | 5.5 |
| 2014-09-18 | CVE-2014-4364 | Cryptographic Issues vulnerability in Apple Iphone OS The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash. | 5.6 |
| 2010-06-30 | CVE-2010-2249 | Memory Leak vulnerability in multiple products Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. | 6.5 |