Apple

iPhone OS

3839 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2014-4388

  • EPSS 0.54%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata...

9.3

CVE-2014-4389

  • EPSS 1.75%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.

9.3

CVE-2014-4404

Warnung
  • EPSS 62%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 22.10.2025 01:15:57

Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.

9.3

CVE-2014-4405

  • EPSS 1.75%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties.

4.3

CVE-2014-4407

  • EPSS 0.22%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.

6.9

CVE-2014-4408

  • EPSS 0.04%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call.

2.1

CVE-2014-4352

  • EPSS 0.04%
  • Veröffentlicht 18.09.2014 10:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Address Book in Apple iOS before 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.

4.3

CVE-2014-4353

  • EPSS 0.46%
  • Veröffentlicht 18.09.2014 10:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Race condition in iMessage in Apple iOS before 8 allows attackers to obtain sensitive information by leveraging the presence of an attachment after the deletion of its parent (1) iMessage or (2) MMS.

5.8

CVE-2014-4354

  • EPSS 0.3%
  • Veröffentlicht 18.09.2014 10:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Apple iOS before 8 enables Bluetooth during all upgrade actions, which makes it easier for remote attackers to bypass intended access restrictions via a Bluetooth session.

2.1

CVE-2014-4356

  • EPSS 0.08%
  • Veröffentlicht 18.09.2014 10:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen.