Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-4394 1Apple 1Mac Os X May 6, 2026 Sep 19, 2014 N/A· v4 N/A· v3 6.9 MEDIUM· v2 An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged cont...Show more An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416.Show less
CVE-2014-4393 1Apple 1Mac Os X May 6, 2026 Sep 19, 2014 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the shader compiler in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted G...Show more Buffer overflow in the shader compiler in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GLSL shader.Show less
CVE-2014-4390 1Apple 1Mac Os X May 6, 2026 Sep 19, 2014 N/A· v4 N/A· v3 9.3 HIGH· v2 Bluetooth in Apple OS X before 10.9.5 does not properly validate API calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
CVE-2014-4376 1Apple 1Mac Os X May 6, 2026 Sep 19, 2014 N/A· v4 N/A· v3 10.0 HIGH· v2 IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted...Show more IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted API arguments.Show less
CVE-2014-4350 1Apple 2Mac Os X Mac Os X Server May 6, 2026 Sep 19, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIDI file.
CVE-2014-1391 1Apple 2Mac Os X Mac Os X Server May 6, 2026 Sep 19, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.
CVE-2014-4421 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 N/A· v3 1.9 LOW· v2 The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via...Show more The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420.Show less
CVE-2014-4420 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 N/A· v3 1.9 LOW· v2 The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via...Show more The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421.Show less
CVE-2014-4419 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 N/A· v3 1.9 LOW· v2 The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via...Show more The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4420, and CVE-2014-4421.Show less
CVE-2014-4414 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vu...Show more WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.Show less
CVE-2014-4413 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vu...Show more WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.Show less
CVE-2014-4412 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vu...Show more WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.Show less
CVE-2014-4411 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vu...Show more WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.Show less
CVE-2014-4410 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vu...Show more WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.Show less
CVE-2014-4408 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 N/A· v3 6.9 MEDIUM· v2 The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call.
CVE-2014-4407 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 3.3 LOW· v3 4.3 MEDIUM· v2 IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function cal...Show more IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.Show less
CVE-2014-4405 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 N/A· v3 9.3 HIGH· v2 IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted...Show more IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties.Show less
CVE-2014-4404 1Apple 3Iphone Os Mac Os XTvos Apr 21, 2026 Sep 18, 2014 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
CVE-2014-4389 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.
CVE-2014-4388 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Sep 18, 2014 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted...Show more IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418.Show less

Previous 1...110111112...161 Next