|
3081
|
-
6.8
|
MEDIUM
|
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application…
|
CWE-399
Resource Management Errors
|
CVE-2014-4468
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.1.2
|
|
|
2024-11-21 11:10
2014-12-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3082
|
-
7.5
|
HIGH
|
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application…
|
CWE-399
Resource Management Errors
|
CVE-2014-4466
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.1.2
|
|
|
2024-11-21 11:10
2014-12-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3083
|
-
5.0
|
MEDIUM
|
WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an…
|
CWE-20
Improper Input Validation
|
CVE-2014-4465
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.1.2
|
|
|
2024-11-21 11:10
2014-12-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3084
|
-
2.1
|
LOW
|
Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4463
|
cpe:2.3:o:apple:iphone_os:8.0:* cpe:2.3:o:apple:iphone_os:8.0.2:* cpe:2.3:o:apple:iphone_os:8.0.1:* cpe:2.3:o:…
|
|
8.1
|
|
|
2024-11-21 11:10
2014-11-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3085
|
-
5.8
|
MEDIUM
|
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra…
|
CWE-399
Resource Management Errors
|
CVE-2014-4462
|
cpe:2.3:o:apple:iphone_os:8.0:* cpe:2.3:o:apple:iphone_os:8.0.2:* cpe:2.3:o:apple:iphone_os:8.0.1:* cpe:2.3:o:…
|
|
8.1
|
|
|
2024-11-21 11:10
2014-11-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3086
|
-
9.3
|
HIGH
|
The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context v…
|
CWE-20
Improper Input Validation
|
CVE-2014-4461
|
cpe:2.3:o:apple:iphone_os:8.0:* cpe:2.3:o:apple:iphone_os:8.0.2:* cpe:2.3:o:apple:iphone_os:8.0.1:* cpe:2.3:o:…
|
|
8.1
|
|
|
2024-11-21 11:10
2014-11-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3087
|
-
2.1
|
LOW
|
CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate a…
|
CWE-200
Information Exposure
|
CVE-2014-4460
|
cpe:2.3:o:apple:iphone_os:8.0:* cpe:2.3:o:apple:iphone_os:8.0.2:* cpe:2.3:o:apple:iphone_os:8.0.1:* cpe:2.3:o:…
|
|
8.1
|
|
|
2024-11-21 11:10
2014-11-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3088
|
-
6.8
|
MEDIUM
|
Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
|
NVD-CWE-Other
|
CVE-2014-4459
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
8.1.3
|
2024-11-21 11:10
2014-11-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3089
|
-
7.5
|
HIGH
|
The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver sandbox, which allows attackers to bypass intended binary-execution restrictions via a crafted app…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4457
|
cpe:2.3:o:apple:iphone_os:8.0:* cpe:2.3:o:apple:iphone_os:8.0.2:* cpe:2.3:o:apple:iphone_os:8.0.1:* cpe:2.3:o:…
|
|
8.1
|
|
|
2024-11-21 11:10
2014-11-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3090
|
-
2.1
|
LOW
|
dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restriction…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4455
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.1.2
|
|
|
2024-11-21 11:10
2014-11-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|