Filtered by vendor Apple
Subscriptions
Total
13358 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-1251 | 1 Apple | 1 Quicktime | 2025-04-12 | N/A |
| Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file. | ||||
| CVE-2014-1261 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font. | ||||
| CVE-2014-1264 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Finder in Apple OS X before 10.9.2 does not ensure ACL integrity after the viewing of file ACL information, which allows local users to bypass intended access restrictions in opportunistic circumstances via standard filesystem operations on a file with a damaged ACL. | ||||
| CVE-2014-1267 | 1 Apple | 2 Iphone Os, Tvos | 2025-04-12 | N/A |
| The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile after the date has passed. | ||||
| CVE-2014-1279 | 1 Apple | 1 Tvos | 2025-04-12 | N/A |
| Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data. | ||||
| CVE-2014-1280 | 1 Apple | 2 Iphone Os, Tvos | 2025-04-12 | N/A |
| Video Driver in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to cause a denial of service (NULL pointer dereference and device hang) via a crafted video file with MPEG-4 encoding. | ||||
| CVE-2014-1281 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| Photos Backend in Apple iOS before 7.1 does not properly manage the asset-library cache during deletions, which allows physically proximate attackers to obtain sensitive photo data by launching the Photos app and looking under a transparent image. | ||||
| CVE-2014-1282 | 1 Apple | 2 Iphone Os, Tvos | 2025-04-12 | N/A |
| The Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass intended configuration-profile visibility requirements via a long name. | ||||
| CVE-2014-1285 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| Springboard in Apple iOS before 7.1 allows physically proximate attackers to bypass intended access restrictions and read the home screen by leveraging an application crash during activation of an unactivated device. | ||||
| CVE-2014-1286 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| SpringBoard Lock Screen in Apple iOS before 7.1 allows remote attackers to cause a denial of service (lock-screen hang) by leveraging a state-management error. | ||||
| CVE-2014-1300 | 1 Apple | 2 Mac Os X, Safari | 2025-04-12 | N/A |
| Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014. | ||||
| CVE-2014-1301 | 1 Apple | 2 Itunes, Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | ||||
| CVE-2014-1302 | 1 Apple | 1 Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | ||||
| CVE-2014-1315 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a URL. | ||||
| CVE-2014-1316 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers to cause a denial of service (abort and daemon exit) via ASN.1 data encountered in the Kerberos 5 protocol. | ||||
| CVE-2014-1318 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The Intel Graphics Driver in Apple OS X through 10.9.2 does not properly validate a certain pointer, which allows attackers to execute arbitrary code via a crafted application. | ||||
| CVE-2014-1319 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. | ||||
| CVE-2014-1320 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2025-04-12 | N/A |
| IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object. | ||||
| CVE-2014-1321 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Power Management in Apple OS X 10.9.x through 10.9.2 allows physically proximate attackers to bypass an intended transition into the locked-screen state by touching (1) a key or (2) the trackpad during a lid-close action. | ||||
| CVE-2014-1334 | 1 Apple | 1 Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | ||||