|
276521
|
- |
|
apple
|
mac_os_x
|
security_taskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a (1) self-signed certificate or …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8831
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276522
|
- |
|
apple
|
mac_os_x
|
Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted accessor element i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8830
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276523
|
- |
|
apple
|
mac_os_x
|
SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8829
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276524
|
- |
|
apple
|
mac_os_x
|
Sandbox in Apple OS X before 10.10 allows attackers to write to the sandbox-profile cache via a sandboxed app that includes a com.apple.sandbox segment in a path.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8828
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276525
|
- |
|
apple
|
mac_os_x
|
LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately upon being woken from sleep, which allows physically proximate attackers to obtain sensitive informat…
|
CWE-284
Improper Access Control
|
CVE-2014-8827
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276526
|
- |
|
apple
|
mac_os_x
|
LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive.
|
CWE-19
Data Processing Errors
|
CVE-2014-8826
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276527
|
- |
|
apple
|
mac_os_x
|
The kernel in Apple OS X before 10.10.2 does not properly perform identitysvc validation of certain directory-service functionality, which allows local users to gain privileges or spoof directory-ser…
|
CWE-20
Improper Input Validation
|
CVE-2014-8825
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276528
|
- |
|
apple
|
mac_os_x
|
The kernel in Apple OS X before 10.10.2 does not properly validate IODataQueue object metadata fields, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
|
CWE-20
Improper Input Validation
|
CVE-2014-8824
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276529
|
- |
|
apple
|
mac_os_x
|
The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leve…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8823
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276530
|
- |
|
apple
|
mac_os_x
|
IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel context or cause a denial of service (write to kernel memory) via a crafted app that calls an unspecifi…
|
CWE-19
Data Processing Errors
|
CVE-2014-8822
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
