| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-4480 | 10.0 |
Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows attackers to access unintended filesystem locations by creating a symlink.
|
08-03-2019 - 16:06 | 30-01-2015 - 11:59 | |
| CVE-2014-4496 | 5.0 |
The mach_port_kobject interface in the kernel in Apple iOS before 8.1.3 and Apple TV before 7.0.3 does not properly restrict kernel-address and heap-permutation information, which makes it easier for attackers to bypass the ASLR protection mechanism
|
08-03-2019 - 16:06 | 30-01-2015 - 11:59 | |
| CVE-2014-8840 | 6.8 |
The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store.
|
08-09-2017 - 01:29 | 30-01-2015 - 11:59 | |
| CVE-2014-4494 | 6.8 |
Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterp
|
17-11-2015 - 16:25 | 30-01-2015 - 11:59 | |
| CVE-2014-4493 | 7.5 |
The app-installation functionality in MobileInstallation in Apple iOS before 8.1.3 allows attackers to obtain control of the local app container by leveraging access to an enterprise distribution certificate for signing a crafted app.
|
17-11-2015 - 16:24 | 30-01-2015 - 11:59 |