CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2014-4411 – Apple Security Advisory 2014-09-17-4
https://notcve.org/view.php?id=CVE-2014-4411
17 Sep 2014 — WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. WebKit, utilizado en Apple iOS anterior a 8 y Apple TV anterior a 7, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de la memoria y caída de l... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 0CVE-2014-4381 – Apple Security Advisory 2014-09-17-2
https://notcve.org/view.php?id=CVE-2014-4381
17 Sep 2014 — Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application. Libnotify en Apple iOS anterior a 8 y Apple TV anterior a 7 carece de comprobadores de límites adecuados en las operaciones de escritura, lo que permite a atacantes ejecutar código como root a través de una aplicación manipulada. OS X Mavericks 10.9.5 and Security Update 2014-004 are now available and address PHP code exec... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2014-4374 – Apple Foundation NSXMLParser XML eXternal Entity (XXE)
https://notcve.org/view.php?id=CVE-2014-4374
17 Sep 2014 — NSXMLParser in Foundation in Apple iOS before 8 allows attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. NSXMLParser en Foundation en Apple iOS anterior a 8 permite a los atacantes leer ficheros arbitrarios a través de datos XML que contienen una declaración de entidad externa en conjunto con una referencia de entidad, relacionado con un problema de entidad externa XML (XXE). In May... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2014-4375 – Apple Security Advisory 2014-09-17-2
https://notcve.org/view.php?id=CVE-2014-4375
17 Sep 2014 — Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports. Vulnerabilidad de doble liberación en Apple iOS anterior a 8 y Apple TV anterior a 7 permite a usuarios locales ganar privilegios o causar una denegación de servicio (caída de dispositivo)a través de vectores relacionados con puertos Mach. Apple TV 7 is now available and addresses wifi credential interception, information d... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html •
CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2014-4410 – Apple Security Advisory 2014-09-17-4
https://notcve.org/view.php?id=CVE-2014-4410
17 Sep 2014 — WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. WebKit, como el utilizado en Apple iOS anteriores a 8 y Apple TV anteriores a 7, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 0CVE-2014-4388 – Apple Security Advisory 2014-09-17-2
https://notcve.org/view.php?id=CVE-2014-4388
17 Sep 2014 — IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418. IOKit en Apple iOS anterior a 8 y Apple TV anterior a 7 no valida debidamente los metadatos de objetos IODataQueue, lo que permite a atacantes ejecutar código arbitrario en contexto privilegiado a traves de ... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 0CVE-2014-4405 – Apple Security Advisory 2014-09-17-2
https://notcve.org/view.php?id=CVE-2014-4405
17 Sep 2014 — IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties. IOHIDFamily en Apple iOS anterior a 8 y Apple TV anterior a 7 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (referencia a puntero nulo) a través de una aplicación que provee propiedades de asignación de ... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html •
CVSS: 6.1EPSS: 1%CPEs: 18EXPL: 1CVE-2014-4378 – Apple Security Advisory 2014-09-17-2
https://notcve.org/view.php?id=CVE-2014-4378
17 Sep 2014 — CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document. CoreGraphics en Apple iOS anterior a 8 y Apple TV anterior 7 permite a atacantes remotos obtener información sensible o causar una denegación de servicio (lectura fuera de rango y caída de aplicación) a través de un documento PDF manipulado. OS X Mavericks 10.9.5 and Security Update 2014-004 are no... • https://github.com/feliam/CVE-2014-4378 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2014-4414 – Apple Security Advisory 2014-09-17-4
https://notcve.org/view.php?id=CVE-2014-4414
17 Sep 2014 — WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. WebKit, utilizado en Apple iOS anterior a 8 y Apple TV anterior a 7, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de la memoria y caída de l... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0CVE-2014-4421 – Apple Security Advisory 2014-09-17-2
https://notcve.org/view.php?id=CVE-2014-4421
17 Sep 2014 — The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420. La interfaz de estadísticas de red en el kernel, en Apple iOS anterior a la versión 8 y en Apple TV anterior a 7, no inicializa correctamente memoria, lo que permitiría a atacantes obtener ... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html •