Apple

tvOS

1924 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2014-1294

  • EPSS 1.8%
  • Veröffentlicht 14.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-...

5.8

CVE-2014-1267

  • EPSS 0.22%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile af...

7.8

CVE-2014-1271

  • EPSS 0.3%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CoreCapture in Apple iOS before 7.1 and Apple TV before 6.1 does not properly validate IOKit API calls, which allows attackers to cause a denial of service (assertion failure and device crash) via a crafted app.

6.3

CVE-2014-1272

  • EPSS 0.02%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to change arbitrary file permissions by leveraging a symlink.

5.8

CVE-2014-1273

  • EPSS 0.22%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library.

7.4

CVE-2014-1266

Exploit
  • EPSS 31.99%
  • Veröffentlicht 22.02.2014 17:05:21
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x ...

6.8

CVE-2013-0340

Exploit
  • EPSS 0.05%
  • Veröffentlicht 21.01.2014 18:55:09
  • Zuletzt bearbeitet 25.11.2025 17:15:47

expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests t...

6.8

CVE-2013-5198

  • EPSS 2.12%
  • Veröffentlicht 18.12.2013 16:04:33
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other W...

6.8

CVE-2013-5199

  • EPSS 2.76%
  • Veröffentlicht 18.12.2013 16:04:33
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other W...

6.8

CVE-2013-5225

  • EPSS 2.12%
  • Veröffentlicht 18.12.2013 16:04:33
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other W...