Vulnerabilities > Apple > Tvos > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-03-14 | CVE-2014-1273 | Improper Input Validation vulnerability in Apple Iphone OS and Tvos dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library. | 5.8 |
| 2014-03-14 | CVE-2014-1272 | Link Following vulnerability in Apple Iphone OS and Tvos CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to change arbitrary file permissions by leveraging a symlink. | 6.3 |
| 2014-03-14 | CVE-2014-1267 | Improper Input Validation vulnerability in Apple Iphone OS and Tvos The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile after the date has passed. | 5.8 |
| 2013-12-18 | CVE-2013-5228 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
| 2013-12-18 | CVE-2013-5225 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
| 2013-12-18 | CVE-2013-5199 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
| 2013-12-18 | CVE-2013-5198 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
| 2013-12-18 | CVE-2013-5197 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
| 2013-12-18 | CVE-2013-5196 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | 6.8 |
| 2013-03-20 | CVE-2013-0977 | Security Bypass vulnerability in Apple Iphone OS and Tvos dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly manage the state of file loading for Mach-O executable files, which allows local users to bypass intended code-signing requirements via a file that contains overlapping segments. | 4.6 |