Total
3723 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-4486 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-11-21 | 10.0 HIGH | N/A |
IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly handle resource lists and IOService userclient types, which allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
CVE-2014-4485 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-11-21 | 7.5 HIGH | N/A |
Buffer overflow in the XML parser in Foundation in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document. | |||||
CVE-2014-4484 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-11-21 | 7.5 HIGH | N/A |
FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .dfont file. | |||||
CVE-2014-4483 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-11-21 | 6.8 MEDIUM | N/A |
Buffer overflow in FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font file in a PDF document. | |||||
CVE-2014-4481 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-11-21 | 6.8 MEDIUM | N/A |
Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. | |||||
CVE-2014-4480 | 1 Apple | 2 Iphone Os, Tvos | 2024-11-21 | 10.0 HIGH | N/A |
Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows attackers to access unintended filesystem locations by creating a symlink. | |||||
CVE-2014-4479 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4477. | |||||
CVE-2014-4477 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4479. | |||||
CVE-2014-4476 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479. | |||||
CVE-2014-4475 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2014-4474 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2014-4473 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2014-4472 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2014-4471 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2014-4470 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2014-4469 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2014-4468 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2014-4467 | 1 Apple | 1 Iphone Os | 2024-11-21 | 4.3 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site. | |||||
CVE-2014-4466 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | 7.5 HIGH | N/A |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. | |||||
CVE-2014-4465 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2024-11-21 | 5.0 MEDIUM | N/A |
WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element. |