OS X

CVEs (533)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2014-4401	Apple Inc. Mac Os X	—	0.00	Sep 19, 2014	An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4400	Apple Inc. Mac Os X	—	0.00	Sep 19, 2014	An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4399	Apple Inc. Mac Os X	—	0.00	Sep 19, 2014	An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4398	Apple Inc. Mac Os X	—	0.00	Sep 19, 2014	An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4397	Apple Inc. Mac Os X	—	0.00	Sep 19, 2014	An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4396	Apple Inc. Mac Os X	—	0.00	Sep 19, 2014	An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4395	Apple Inc. Mac Os X	—	0.00	Sep 19, 2014	An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4394	Apple Inc. Mac Os X	—	0.00	Sep 19, 2014	An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4393	Apple Inc. Mac Os X	—	0.06	Sep 19, 2014	Buffer overflow in the shader compiler in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GLSL shader.
CVE-2014-4390	Apple Inc. Mac Os X	—	0.01	Sep 19, 2014	Bluetooth in Apple OS X before 10.9.5 does not properly validate API calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
CVE-2014-4376	Apple Inc. Mac Os X	—	0.01	Sep 19, 2014	IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted API arguments.
CVE-2014-1381	Apple Inc. Mac Os X	—	0.01	Jul 1, 2014	Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOThunderBoltController API calls, which allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted call.
CVE-2014-1380	Apple Inc. Mac Os X	—	0.00	Jul 1, 2014	The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via…
CVE-2014-1379	Apple Inc. Mac Os X	—	0.00	Jul 1, 2014	Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1378	Apple Inc. Mac Os X	—	0.00	Jul 1, 2014	IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.
CVE-2014-1377	Apple Inc. Mac Os X	—	0.01	Jul 1, 2014	Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application.
CVE-2014-1376	Apple Inc. Mac Os X	—	0.01	Jul 1, 2014	Intel Compute in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenCL API call, which allows attackers to execute arbitrary code via a crafted application.
CVE-2014-1375	Apple Inc. Mac Os X	—	0.00	Jul 1, 2014	Intel Graphics Driver in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.
CVE-2014-1372	Apple Inc. Mac Os X	—	0.00	Jul 1, 2014	Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations during processing of an unspecified system call, which allows local users to obtain sensitive information from kernel memory and bypass the ASLR protection mechanism via a crafted call.
CVE-2014-1371	Apple Inc. Mac Os X	—	0.01	Jul 1, 2014	Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message.

CVE-2014-4401Sep 19, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4400Sep 19, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4399Sep 19, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4398Sep 19, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4397Sep 19, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4396Sep 19, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4395Sep 19, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4394Sep 19, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability…
CVE-2014-4393Sep 19, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.06
Buffer overflow in the shader compiler in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GLSL shader.
CVE-2014-4390Sep 19, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
Bluetooth in Apple OS X before 10.9.5 does not properly validate API calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
CVE-2014-4376Sep 19, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted API arguments.
CVE-2014-1381Jul 1, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOThunderBoltController API calls, which allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted call.
CVE-2014-1380Jul 1, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via…
CVE-2014-1379Jul 1, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
CVE-2014-1378Jul 1, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.
CVE-2014-1377Jul 1, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application.
CVE-2014-1376Jul 1, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
Intel Compute in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenCL API call, which allows attackers to execute arbitrary code via a crafted application.
CVE-2014-1375Jul 1, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
Intel Graphics Driver in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.
CVE-2014-1372Jul 1, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations during processing of an unspecified system call, which allows local users to obtain sensitive information from kernel memory and bypass the ASLR protection mechanism via a crafted call.
CVE-2014-1371Jul 1, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message.

Page 26 of 27