|
276951
|
- |
|
apple
|
mac_os_x
|
Multiple unspecified vulnerabilities in the Bluetooth driver in Apple OS X before 10.10.2 allow attackers to execute arbitrary code in a privileged context via a crafted app.
|
NVD-CWE-noinfo
|
CVE-2014-8837
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276952
|
- |
|
apple
|
mac_os_x
|
The Bluetooth driver in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (arbitrary-size bzero of kernel memory) via a crafted…
|
CWE-20
Improper Input Validation
|
CVE-2014-8836
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276953
|
- |
|
apple
|
mac_os_x
|
The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code …
|
CWE-19
Data Processing Errors
|
CVE-2014-8835
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276954
|
- |
|
apple
|
mac_os_x
|
UserAccountUpdater in Apple OS X 10.10 before 10.10.2 stores a PDF document's password in a printing preference file, which allows local users to obtain sensitive information by reading a file.
|
CWE-200
Information Exposure
|
CVE-2014-8834
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276955
|
- |
|
apple
|
mac_os_x
|
SpotlightIndex in Apple OS X before 10.10.2 does not properly perform deserialization during access to a permission cache, which allows local users to read search results associated with other users'…
|
CWE-284
Improper Access Control
|
CVE-2014-8833
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276956
|
- |
|
apple
|
mac_os_x
|
The indexing functionality in Spotlight in Apple OS X before 10.10.2 writes memory contents to an external hard drive, which allows local users to obtain sensitive information by reading from this dr…
|
CWE-200
Information Exposure
|
CVE-2014-8832
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276957
|
- |
|
apple
|
mac_os_x
|
security_taskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a (1) self-signed certificate or …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8831
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276958
|
- |
|
apple
|
mac_os_x
|
Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted accessor element i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8830
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276959
|
- |
|
apple
|
mac_os_x
|
SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8829
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276960
|
- |
|
apple
|
mac_os_x
|
Sandbox in Apple OS X before 10.10 allows attackers to write to the sandbox-profile cache via a sandboxed app that includes a com.apple.sandbox segment in a path.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8828
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
