Max CVSS | 10.0 | Min CVSS | 3.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-1295 | 6.8 |
Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-
|
08-03-2019 - 16:06 | 23-04-2014 - 11:52 | |
CVE-2014-1296 | 4.3 |
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restri
|
08-03-2019 - 16:06 | 23-04-2014 - 11:52 | |
CVE-2014-1320 | 4.9 |
IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attribute
|
08-03-2019 - 16:06 | 23-04-2014 - 11:52 | |
CVE-2013-6393 | 6.8 |
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML docum
|
30-10-2018 - 16:27 | 06-02-2014 - 22:55 | |
CVE-2013-4164 | 6.8 |
Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute
|
09-01-2018 - 02:29 | 23-11-2013 - 19:55 | |
CVE-2014-1322 | 4.9 |
The kernel in Apple OS X through 10.9.2 places a kernel pointer into an XNU object data structure accessible from user space, which makes it easier for local users to bypass the ASLR protection mechanism by reading an unspecified attribute of the obj
|
24-04-2014 - 13:56 | 23-04-2014 - 11:52 | |
CVE-2014-1321 | 3.3 |
Power Management in Apple OS X 10.9.x through 10.9.2 allows physically proximate attackers to bypass an intended transition into the locked-screen state by touching (1) a key or (2) the trackpad during a lid-close action.
|
24-04-2014 - 13:52 | 23-04-2014 - 11:52 | |
CVE-2014-1314 | 10.0 |
WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application.
|
24-04-2014 - 11:24 | 23-04-2014 - 11:52 | |
CVE-2013-5170 | 6.8 |
Buffer underflow in CoreGraphics in Apple Mac OS X before 10.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
|
24-04-2014 - 04:58 | 24-10-2013 - 03:48 | |
CVE-2014-1319 | 6.8 |
Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
|
23-04-2014 - 18:02 | 23-04-2014 - 11:52 | |
CVE-2014-1318 | 10.0 |
The Intel Graphics Driver in Apple OS X through 10.9.2 does not properly validate a certain pointer, which allows attackers to execute arbitrary code via a crafted application.
|
23-04-2014 - 17:58 | 23-04-2014 - 11:52 | |
CVE-2014-1316 | 5.0 |
Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers to cause a denial of service (abort and daemon exit) via ASN.1 data encountered in the Kerberos 5 protocol.
|
23-04-2014 - 17:52 | 23-04-2014 - 11:52 | |
CVE-2014-1315 | 6.8 |
Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a URL.
|
23-04-2014 - 17:48 | 23-04-2014 - 11:52 |