| Max CVSS | 6.8 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-3566 | 4.3 |
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
|
12-09-2023 - 14:55 | 15-10-2014 - 00:55 | |
| CVE-2014-4448 | 1.9 |
House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID.
|
29-08-2017 - 01:35 | 22-10-2014 - 10:55 | |
| CVE-2014-4428 | 5.4 |
Bluetooth in Apple OS X before 10.10 does not require encryption for HID Low Energy devices, which allows remote attackers to spoof a device by leveraging previous pairing.
|
29-08-2017 - 01:35 | 18-10-2014 - 01:55 | |
| CVE-2014-4450 | 1.9 |
The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discover credentials by reading credential values within u
|
29-08-2017 - 01:35 | 22-10-2014 - 10:55 | |
| CVE-2014-4449 | 6.8 |
iCloud Data Access in Apple iOS before 8.1 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
|
29-08-2017 - 01:35 | 22-10-2014 - 10:55 |