Skip to main content
CVE-2014-4404 HIGH POC KEV THREAT Act Now

Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Buffer Overflow Apple RCE Memory Corruption
NVD Exploit-DB VulDB
CVSS 3.1
7.8
EPSS
62.0%
Threat
6.4
CVE-2014-4422 HIGH This Week

The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Authentication Bypass Tvos Iphone Os
NVD
CVSS 3.0
8.1
EPSS
1.7%
CVE-2014-4369 HIGH This Week

The IOAcceleratorFamily API implementation in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via an application. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Denial Of Service Tvos Iphone Os
NVD
CVSS 2.0
7.8
EPSS
1.0%
CVE-2014-4388 HIGH This Week

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Mac Os X Iphone Os Tvos
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2014-4418 HIGH This Week

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Iphone Os Tvos
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2014-4375 HIGH This Week

Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Denial Of Service Mac Os X Tvos Iphone Os
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2014-4379 HIGH This Week

An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Apple Buffer Overflow Tvos Mac Os X Iphone Os
NVD
CVSS 2.0
7.1
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy