libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.
The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
The Passcode Lock implementation in Apple iOS before 6.1.3 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
lockdownd in Lockdown in Apple iOS before 6.1.3 does not properly consider file types during the permission-setting step of a backup restoration, which allows local users to change the permissions of. Rated low severity (CVSS 1.9). No vendor patch available.