Apple

iPhone OS

4053 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.24%
  • Veröffentlicht 30.01.2015 11:59:49
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store.

  • EPSS 1.82%
  • Veröffentlicht 30.01.2015 11:59:25
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The mach_port_kobject interface in the kernel in Apple iOS before 8.1.3 and Apple TV before 7.0.3 does not properly restrict kernel-address and heap-permutation information, which makes it easier for attackers to bypass the ASLR protection mechanism ...

  • EPSS 2.94%
  • Veröffentlicht 30.01.2015 11:59:24
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not enforce the read-only attribute of a shared memory segment during use of a custom cache mode, which allows attackers to bypass intended access restric...

  • EPSS 0.9%
  • Veröffentlicht 30.01.2015 11:59:23
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterp...

  • EPSS 1.01%
  • Veröffentlicht 30.01.2015 11:59:22
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The app-installation functionality in MobileInstallation in Apple iOS before 8.1.3 allows attackers to obtain control of the local app container by leveraging access to an enterprise distribution certificate for signing a crafted app.

Exploit
  • EPSS 19.73%
  • Veröffentlicht 30.01.2015 11:59:21
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an _networkd context via a crafted XPC mes...

  • EPSS 3.24%
  • Veröffentlicht 30.01.2015 11:59:20
  • Zuletzt bearbeitet 06.05.2026 22:30:45

IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly initialize event queues, which allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer...

  • EPSS 1.7%
  • Veröffentlicht 30.01.2015 11:59:20
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass ...

  • EPSS 3.24%
  • Veröffentlicht 30.01.2015 11:59:19
  • Zuletzt bearbeitet 06.05.2026 22:30:45

IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly validate resource-queue metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • EPSS 3.68%
  • Veröffentlicht 30.01.2015 11:59:18
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows attackers to execute arbitrary code in a privileged context via a crafted app.