Search Results (5636 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-5944 1 Apple 1 Mac Os X 2025-04-12 N/A
CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
CVE-2014-4389 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.
CVE-2014-1261 1 Apple 1 Mac Os X 2025-04-12 N/A
Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font.
CVE-2014-4391 1 Apple 1 Mac Os X 2025-04-12 N/A
The Code Signing feature in Apple OS X before 10.10 does not properly handle incomplete resource envelopes in signed bundles, which allows remote attackers to bypass intended app-author restrictions by omitting an execution-related resource.
CVE-2014-4393 1 Apple 1 Mac Os X 2025-04-12 N/A
Buffer overflow in the shader compiler in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GLSL shader.
CVE-2014-4394 1 Apple 1 Mac Os X 2025-04-12 N/A
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416.
CVE-2014-1260 1 Apple 1 Mac Os X 2025-04-12 N/A
QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
CVE-2015-5945 1 Apple 1 Mac Os X 2025-04-12 N/A
The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters.
CVE-2014-1259 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-12 N/A
Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename.
CVE-2014-4398 1 Apple 1 Mac Os X 2025-04-12 N/A
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416.
CVE-2014-1258 1 Apple 1 Mac Os X 2025-04-12 N/A
Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image.
CVE-2014-1257 1 Apple 1 Mac Os X 2025-04-12 N/A
CFNetwork in Apple OS X through 10.8.5 does not remove session cookies upon a Safari reset action, which allows physically proximate attackers to bypass intended access restrictions by leveraging an unattended workstation.
CVE-2014-1256 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-12 N/A
Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.
CVE-2014-4402 1 Apple 1 Mac Os X 2025-04-12 N/A
An unspecified IOAcceleratorFamily function in Apple OS X before 10.9.5 lacks proper bounds checking on read operations, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
CVE-2015-5943 1 Apple 1 Mac Os X 2025-04-12 N/A
SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic clicks from reaching keychain windows, which allows attackers to bypass intended access restrictions via a crafted app.
CVE-2014-4403 1 Apple 1 Mac Os X 2025-04-12 N/A
The kernel in Apple OS X before 10.9.5 allows local users to obtain sensitive address information and bypass the ASLR protection mechanism by leveraging predictability of the location of the CPU Global Descriptor Table.
CVE-2015-5986 2 Apple, Isc 2 Mac Os X Server, Bind 2025-04-12 N/A
openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response.
CVE-2014-0876 3 Apple, Ibm, Microsoft 3 Mac Os X, Tivoli Storage Manager, Windows 2025-04-12 N/A
Buffer overflow in the Java GUI Configuration Wizard and Preferences Editor in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.2.5.2, 6.3.x before 6.3.2, and 6.4.x before 6.4.2 on Windows and OS X allows local users to cause a denial of service (application crash or hang) via unspecified vectors.
CVE-2014-0590 5 Adobe, Apple, Linux and 2 more 8 Air, Air Sdk, Air Sdk \& Compiler and 5 more 2025-04-12 N/A
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, and CVE-2014-0586.
CVE-2014-0589 5 Adobe, Apple, Linux and 2 more 8 Air, Air Sdk, Air Sdk \& Compiler and 5 more 2025-04-12 N/A
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0582.