Apple

tvOS

1890 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2014-4373

  • EPSS 0.19%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application.

7.8

CVE-2014-4375

  • EPSS 0.05%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.

6.8

CVE-2014-4377

  • EPSS 11.34%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

5.8

CVE-2014-4378

  • EPSS 2.08%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document.

7.1

CVE-2014-4379

  • EPSS 1.87%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application.

9.3

CVE-2014-4380

  • EPSS 2.39%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application.

9.3

CVE-2014-4381

  • EPSS 1.74%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application.

4.3

CVE-2014-4383

  • EPSS 0.63%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Assets subsystem in Apple iOS before 8 and Apple TV before 7 allows man-in-the-middle attackers to spoof a device's update status via a crafted Last-Modified HTTP response header.

9.3

CVE-2014-4388

  • EPSS 0.54%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata...

9.3

CVE-2014-4389

  • EPSS 1.75%
  • Veröffentlicht 18.09.2014 10:55:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.