Lucene search

K
AppleTvos6.0.1

67 matches found

CVE
CVE
added 2014/03/14 10:55 a.m.48 views

CVE-2014-1275

Buffer overflow in ImageIO in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document.

6.8CVSS7.9AI score0.01142EPSS
CVE
CVE
added 2014/07/01 10:17 a.m.48 views

CVE-2014-1365

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other...

6.8CVSS7.8AI score0.01171EPSS
CVE
CVE
added 2014/09/18 10:55 a.m.48 views

CVE-2014-4379

An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application.

7.1CVSS6.3AI score0.01872EPSS
CVE
CVE
added 2014/09/18 10:55 a.m.48 views

CVE-2014-4411

WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA...

6.8CVSS7.8AI score0.01114EPSS
CVE
CVE
added 2014/03/14 10:55 a.m.47 views

CVE-2014-1267

The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile after the date has passed.

5.8CVSS5.6AI score0.00222EPSS
CVE
CVE
added 2014/03/14 10:55 a.m.47 views

CVE-2014-1272

CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to change arbitrary file permissions by leveraging a symlink.

6.3CVSS5.7AI score0.00024EPSS
CVE
CVE
added 2014/07/01 10:17 a.m.47 views

CVE-2014-1325

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other...

6.8CVSS7.8AI score0.01171EPSS
CVE
CVE
added 2014/03/14 10:55 a.m.46 views

CVE-2014-1279

Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data.

2.1CVSS5.1AI score0.00056EPSS
CVE
CVE
added 2014/07/01 10:17 a.m.46 views

CVE-2014-1367

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other...

6.8CVSS7.8AI score0.01171EPSS
CVE
CVE
added 2014/07/01 10:17 a.m.45 views

CVE-2014-1356

Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.

10CVSS7.3AI score0.03252EPSS
CVE
CVE
added 2014/11/18 11:59 a.m.45 views

CVE-2014-4461

The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.

9.3CVSS4.2AI score0.0186EPSS
CVE
CVE
added 2014/07/01 10:17 a.m.44 views

CVE-2014-1368

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other...

6.8CVSS7.8AI score0.01171EPSS
CVE
CVE
added 2014/03/14 10:55 a.m.43 views

CVE-2014-1273

dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library.

5.8CVSS5.7AI score0.00222EPSS
CVE
CVE
added 2014/11/18 11:59 a.m.43 views

CVE-2014-4455

dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file.

2.1CVSS5.3AI score0.00063EPSS
CVE
CVE
added 2014/03/14 10:55 a.m.41 views

CVE-2014-1278

The ptmx_get_ioctl function in the ARM kernel in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access and device crash) via a crafted call.

7.2CVSS5.9AI score0.00038EPSS
CVE
CVE
added 2014/07/01 10:17 a.m.38 views

CVE-2014-1382

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other...

6.8CVSS7.8AI score0.01171EPSS
CVE
CVE
added 2014/07/01 10:17 a.m.35 views

CVE-2014-1383

Apple TV before 6.1.2 allows remote authenticated users to bypass an intended password requirement for iTunes Store purchase transactions via unspecified vectors.

5.5CVSS5.9AI score0.00152EPSS
Total number of security vulnerabilities67