Total
5524 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-4397 | 1 Apple | 1 Mac Os X | 2017-08-28 | 6.9 MEDIUM | N/A |
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416. | |||||
CVE-2014-4396 | 1 Apple | 1 Mac Os X | 2017-08-28 | 6.9 MEDIUM | N/A |
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416. | |||||
CVE-2014-4395 | 1 Apple | 1 Mac Os X | 2017-08-28 | 6.9 MEDIUM | N/A |
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416. | |||||
CVE-2014-4394 | 1 Apple | 1 Mac Os X | 2017-08-28 | 6.9 MEDIUM | N/A |
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416. | |||||
CVE-2014-4393 | 1 Apple | 1 Mac Os X | 2017-08-28 | 10.0 HIGH | N/A |
Buffer overflow in the shader compiler in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GLSL shader. | |||||
CVE-2014-4391 | 1 Apple | 1 Mac Os X | 2017-08-28 | 6.8 MEDIUM | N/A |
The Code Signing feature in Apple OS X before 10.10 does not properly handle incomplete resource envelopes in signed bundles, which allows remote attackers to bypass intended app-author restrictions by omitting an execution-related resource. | |||||
CVE-2014-4390 | 1 Apple | 1 Mac Os X | 2017-08-28 | 9.3 HIGH | N/A |
Bluetooth in Apple OS X before 10.9.5 does not properly validate API calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application. | |||||
CVE-2014-4374 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-08-28 | 5.0 MEDIUM | N/A |
NSXMLParser in Foundation in Apple iOS before 8 allows attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
CVE-2014-4351 | 1 Apple | 1 Mac Os X | 2017-08-28 | 6.8 MEDIUM | N/A |
Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio samples in an m4a file. | |||||
CVE-2014-4350 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-28 | 6.8 MEDIUM | N/A |
Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIDI file. | |||||
CVE-2014-4376 | 1 Apple | 1 Mac Os X | 2017-08-28 | 10.0 HIGH | N/A |
IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted API arguments. | |||||
CVE-2014-1568 | 4 Apple, Google, Microsoft and 1 more | 9 Mac Os X, Chrome, Chrome Os and 6 more | 2017-08-28 | 7.5 HIGH | N/A |
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue. | |||||
CVE-2014-1391 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-28 | 6.8 MEDIUM | N/A |
QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding. | |||||
CVE-2014-1252 | 1 Apple | 3 Iphone Os, Mac Os X, Pages | 2017-08-28 | 7.5 HIGH | N/A |
Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file. | |||||
CVE-2014-0876 | 3 Apple, Ibm, Microsoft | 3 Mac Os X, Tivoli Storage Manager, Windows | 2017-08-28 | 2.1 LOW | N/A |
Buffer overflow in the Java GUI Configuration Wizard and Preferences Editor in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.2.5.2, 6.3.x before 6.3.2, and 6.4.x before 6.4.2 on Windows and OS X allows local users to cause a denial of service (application crash or hang) via unspecified vectors. | |||||
CVE-2014-0567 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2017-08-28 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0561. | |||||
CVE-2014-0565 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2017-08-28 | 10.0 HIGH | N/A |
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0566. | |||||
CVE-2014-0563 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2017-08-28 | 7.8 HIGH | N/A |
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors. | |||||
CVE-2014-0562 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2017-08-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." | |||||
CVE-2014-0561 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2017-08-28 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0567. |