Mac Os X@10.9 Security Vulnerabilities and Issues — Page 2 of Mac Os X@10.9 CVE List

Lucene search

AppleMac Os X10.9

61 matches found

CVE•added 2014/09/19 10:55 a.m.•43 views

CVE-2014-4376

IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted API arguments.

10CVSS7.5AI score0.00962EPSS

CVE•added 2014/02/27 1:55 a.m.•42 views

CVE-2014-1265

The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock.

4.6CVSS5.8AI score0.00054EPSS

CVE•added 2014/04/23 11:52 a.m.•42 views

CVE-2014-1319

Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.

6.8CVSS7.9AI score0.01239EPSS

CVE•added 2014/07/01 10:17 a.m.•42 views

CVE-2014-1371

Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message.

7.5CVSS7.6AI score0.00788EPSS

CVE•added 2014/09/19 10:55 a.m.•41 views

CVE-2014-1391

QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.

6.8CVSS7.7AI score0.05493EPSS

CVE•added 2014/11/18 11:59 a.m.•41 views

CVE-2014-4458

The "System Profiler About This Mac" component in Apple OS X before 10.10.1 includes extraneous cookie data in system-model requests, which might allow remote attackers to obtain sensitive information via unspecified vectors.

5CVSS5.5AI score0.0056EPSS

CVE•added 2014/07/01 10:17 a.m.•39 views

CVE-2014-1377

Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application.

10CVSS7.1AI score0.01343EPSS

CVE•added 2014/07/01 10:17 a.m.•39 views

CVE-2014-1381

Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOThunderBoltController API calls, which allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted call.

10CVSS7.4AI score0.01329EPSS

CVE•added 2014/07/01 10:17 a.m.•36 views

CVE-2014-1380

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input.

2.6CVSS6.2AI score0.00067EPSS

CVE•added 2014/07/01 10:17 a.m.•34 views

CVE-2014-1378

IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.

2.1CVSS5.5AI score0.00062EPSS

CVE•added 2014/07/01 10:17 a.m.•32 views

CVE-2014-1375

Intel Graphics Driver in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.

2.1CVSS5.5AI score0.00068EPSS

Total number of security vulnerabilities61