Apple

macOS X

3207 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2014-4381

  • EPSS 1.74%
  • Published 18.09.2014 10:55:09
  • Last modified 12.04.2025 10:46:40

Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application.

9.3

CVE-2014-4388

  • EPSS 0.54%
  • Published 18.09.2014 10:55:09
  • Last modified 12.04.2025 10:46:40

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata...

9.3

CVE-2014-4389

  • EPSS 1.75%
  • Published 18.09.2014 10:55:09
  • Last modified 12.04.2025 10:46:40

Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.

9.3

CVE-2014-4404

Warning
  • EPSS 60.44%
  • Published 18.09.2014 10:55:09
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.

9.3

CVE-2014-4405

  • EPSS 1.75%
  • Published 18.09.2014 10:55:09
  • Last modified 12.04.2025 10:46:40

IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties.

4.3

CVE-2014-4407

  • EPSS 0.22%
  • Published 18.09.2014 10:55:09
  • Last modified 12.04.2025 10:46:40

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.

6.9

CVE-2014-4408

  • EPSS 0.04%
  • Published 18.09.2014 10:55:09
  • Last modified 12.04.2025 10:46:40

The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call.

4.3

CVE-2014-0117

  • EPSS 60.03%
  • Published 20.07.2014 11:12:48
  • Last modified 12.04.2025 10:46:40

The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.

6.8

CVE-2014-1370

  • EPSS 1.85%
  • Published 01.07.2014 10:17:27
  • Last modified 12.04.2025 10:46:40

The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archiv...

7.5

CVE-2014-1371

  • EPSS 0.79%
  • Published 01.07.2014 10:17:27
  • Last modified 12.04.2025 10:46:40

Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a...