Apple

iPhone OS

4014 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.9

CVE-2014-4368

  • EPSS 0.06%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Accessibility subsystem in Apple iOS before 8 allows attackers to interfere with screen locking via vectors related to AssistiveTouch events.

7.8

CVE-2014-4369

  • EPSS 0.98%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The IOAcceleratorFamily API implementation in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via an application that uses crafted arguments.

1.9

CVE-2014-4371

  • EPSS 0.08%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a diffe...

3.6

CVE-2014-4372

  • EPSS 0.04%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to change the permissions of arbitrary files via a symlink attack on an unspecified file.

7.8

CVE-2014-4373

  • EPSS 0.19%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application.

5

CVE-2014-4374

  • EPSS 0.5%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

NSXMLParser in Foundation in Apple iOS before 8 allows attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

7.8

CVE-2014-4375

  • EPSS 0.05%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.

6.8

CVE-2014-4377

  • EPSS 11.34%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

5.8

CVE-2014-4378

  • EPSS 2.08%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document.

7.1

CVE-2014-4379

  • EPSS 1.87%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application.