Apple

iPhone OS

4053 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.34%
  • Veröffentlicht 18.11.2014 11:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature.

  • EPSS 1.33%
  • Veröffentlicht 18.11.2014 11:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2...

  • EPSS 3.4%
  • Veröffentlicht 18.11.2014 11:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.

  • EPSS 0.4%
  • Veröffentlicht 18.11.2014 11:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading...

  • EPSS 4.58%
  • Veröffentlicht 18.11.2014 11:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.

  • EPSS 2.64%
  • Veröffentlicht 18.11.2014 11:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver sandbox, which allows attackers to bypass intended binary-execution restrictions via a crafted application that is run during a time period when debu...

  • EPSS 0.39%
  • Veröffentlicht 18.11.2014 11:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file.

  • EPSS 1.82%
  • Veröffentlicht 18.11.2014 11:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via unspecified vectors.

  • EPSS 1.33%
  • Veröffentlicht 18.11.2014 11:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2...

  • EPSS 0.37%
  • Veröffentlicht 18.11.2014 11:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Apple iOS before 8.1.1 does not properly enforce the failed-passcode limit, which makes it easier for physically proximate attackers to bypass the lock-screen protection mechanism via a series of guesses.