CVSS: 8.8EPSS: 2%CPEs: 30EXPL: 0CVE-2014-1364 – Apple Security Advisory 2014-06-30-4
https://notcve.org/view.php?id=CVE-2014-1364
01 Jul 2014 — WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. WebKit, utilizado en Apple iOS anterior a 7.1.2, Apple Safari anterior a 6.1.5 y 7.x anterior a 7.0.5, y Apple TV ane... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0171.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 30EXPL: 0CVE-2014-1325 – Apple Security Advisory 2014-06-30-4
https://notcve.org/view.php?id=CVE-2014-1325
01 Jul 2014 — WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. WebKit, utilizado en Apple iOS anterior a 7.1.2, Apple Safari anterior a 6.1.5 y 7.x anterior a 7.0.5, y Apple TV ant... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0171.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 0CVE-2014-1357 – Apple Security Advisory 2014-06-30-4
https://notcve.org/view.php?id=CVE-2014-1357
01 Jul 2014 — Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that generates log messages. Desbordamiento de buffer basado en memoria dinámica en launchd en Apple iOS anterior a 7.1.2, Apple OS X anterior a 10.9.4, y Apple TV anterior a 6.1.2 permite a atacantes ejecutar código arbitrario a través de una aplicación manipulada que genera mensajes del registro. OS X Mavericks 10.9.4 and ... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 30EXPL: 0CVE-2014-1368 – Apple Security Advisory 2014-06-30-4
https://notcve.org/view.php?id=CVE-2014-1368
01 Jul 2014 — WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. WebKit, utilizado en Apple iOS anterior a 7.1.2, Apple Safari anterior a 6.1.5 y 7.x anterior a 7.0.5, y Apple TV ant... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0171.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 34EXPL: 0CVE-2014-1296 – Apple Security Advisory 2014-04-22-1
https://notcve.org/view.php?id=CVE-2014-1296
23 Apr 2014 — CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction. CFNetwork en Apple iOS anterior a 7.1.1, Apple OS X hasta 10.9.2 y Apple TV anterior a 6.1.1 no asegura que una cabecera HTTP de con... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 22EXPL: 1CVE-2014-1295 – Apple Security Advisory 2014-04-22-1
https://notcve.org/view.php?id=CVE-2014-1295
23 Apr 2014 — Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack." Secure Transport en Apple iOS anterior a 7.1.1, Apple OS X 10.8.x y 10.9.x hasta 10.9.2 y Apple TV anterior a 6.1.1 no asegura que el certificado X.5... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html • CWE-287: Improper Authentication •
CVSS: 4.9EPSS: 3%CPEs: 15EXPL: 0CVE-2014-1320 – (Pwn2Own\Pwn4Fun) Apple OS X IOKit Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-1320
23 Apr 2014 — IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object. IOKit en Apple iOS anterior a 7.1.1, Apple OS X hasta 10.9.2 y Apple TV anterior a 6.1.1 coloca punteros de kernel dentro de una estructura de datos de objeto, lo que facilita a usuarios locales evadir el mecanismo de protección ASLR mediante la... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1291 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2014-1291
11 Mar 2014 — WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacante remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caíd... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2014-1279 – Apple TV Touch Password Disclosure
https://notcve.org/view.php?id=CVE-2014-1279
11 Mar 2014 — Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data. Apple TV anterior a 6.1 no restringe debidamente el registrado de logs, lo que permite a usuarios locales obtener información sensible mediante la lectura de datos de log. Apple TV 6.1 is now available and addresses information disclosure, date checking failure, buffer overflow, and various other vulnerabilities. • https://packetstorm.news/files/id/125657 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1294 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2014-1294
11 Mar 2014 — WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1293. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacante remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caíd... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •