CVE-2014-4373
- EPSS 1.28%
- Veröffentlicht 18.09.2014 10:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application.
CVE-2014-4375
- EPSS 0.36%
- Veröffentlicht 18.09.2014 10:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.
CVE-2014-4377
- EPSS 6.95%
- Veröffentlicht 18.09.2014 10:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4378
- EPSS 4.98%
- Veröffentlicht 18.09.2014 10:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document.
CVE-2014-4379
- EPSS 2.17%
- Veröffentlicht 18.09.2014 10:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application.
CVE-2014-4380
- EPSS 3.22%
- Veröffentlicht 18.09.2014 10:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application.
CVE-2014-4381
- EPSS 3.42%
- Veröffentlicht 18.09.2014 10:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application.
CVE-2014-4383
- EPSS 1.46%
- Veröffentlicht 18.09.2014 10:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Assets subsystem in Apple iOS before 8 and Apple TV before 7 allows man-in-the-middle attackers to spoof a device's update status via a crafted Last-Modified HTTP response header.
CVE-2014-4388
- EPSS 1.67%
- Veröffentlicht 18.09.2014 10:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata...
CVE-2014-4389
- EPSS 3.42%
- Veröffentlicht 18.09.2014 10:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.