Vulnerabilities > Apple > Tvos > 2.1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-03-14 | CVE-2014-1271 | Improper Input Validation vulnerability in Apple Iphone OS and Tvos CoreCapture in Apple iOS before 7.1 and Apple TV before 6.1 does not properly validate IOKit API calls, which allows attackers to cause a denial of service (assertion failure and device crash) via a crafted app. | 7.8 |
2014-03-14 | CVE-2014-1267 | Improper Input Validation vulnerability in Apple Iphone OS and Tvos The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile after the date has passed. | 5.8 |
2013-12-18 | CVE-2013-5228 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
2013-12-18 | CVE-2013-5225 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
2013-12-18 | CVE-2013-5199 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
2013-12-18 | CVE-2013-5198 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
2013-12-18 | CVE-2013-5197 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
2013-12-18 | CVE-2013-5196 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
2013-03-20 | CVE-2013-0981 | Unspecified vulnerability in Apple Iphone OS and Tvos The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code. | 7.2 |
2013-03-20 | CVE-2013-0978 | Information Exposure vulnerability in Apple Iphone OS and Tvos The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code. | 2.1 |