Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tvos
(Apple)| Repositories |
• https://github.com/madler/zlib
• https://github.com/file/file • https://github.com/WebKit/webkit |
| #Vulnerabilities | 1838 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-09-18 | CVE-2014-4383 | The Assets subsystem in Apple iOS before 8 and Apple TV before 7 allows man-in-the-middle attackers to spoof a device's update status via a crafted Last-Modified HTTP response header. | Iphone_os, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4381 | Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application. | Iphone_os, Mac_os_x, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4380 | The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application. | Iphone_os, Mac_os_x, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4379 | An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application. | Iphone_os, Mac_os_x, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4378 | CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document. | Iphone_os, Mac_os_x, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4377 | Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. | Iphone_os, Mac_os_x, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4375 | Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports. | Iphone_os, Mac_os_x, Tvos | 7.8 | ||
| 2014-09-18 | CVE-2014-4373 | The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application. | Iphone_os, Mac_os_x, Tvos | 5.5 | ||
| 2014-09-18 | CVE-2014-4372 | syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to change the permissions of arbitrary files via a symlink attack on an unspecified file. | Iphone_os, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4369 | The IOAcceleratorFamily API implementation in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via an application that uses crafted arguments. | Iphone_os, Tvos | N/A |