Vulnerabilities > Apple > MAC OS X > 10.9.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-01-30 | CVE-2014-8825 | Improper Input Validation vulnerability in Apple mac OS X The kernel in Apple OS X before 10.10.2 does not properly perform identitysvc validation of certain directory-service functionality, which allows local users to gain privileges or spoof directory-service responses via unspecified vectors. | 7.2 |
| 2015-01-30 | CVE-2014-8824 | Improper Input Validation vulnerability in Apple mac OS X The kernel in Apple OS X before 10.10.2 does not properly validate IODataQueue object metadata fields, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | 10.0 |
| 2015-01-30 | CVE-2014-8823 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first argument. | 4.7 |
| 2015-01-30 | CVE-2014-8822 | Data Processing Errors vulnerability in Apple mac OS X IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel context or cause a denial of service (write to kernel memory) via a crafted app that calls an unspecified user-client method. | 10.0 |
| 2015-01-30 | CVE-2014-8821 | Unspecified vulnerability in Apple mac OS X The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8819 and CVE-2014-8820. | 7.2 |
| 2015-01-30 | CVE-2014-8820 | Unspecified vulnerability in Apple mac OS X The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8819 and CVE-2014-8821. | 7.2 |
| 2015-01-30 | CVE-2014-8819 | Unspecified vulnerability in Apple mac OS X The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8820 and CVE-2014-8821. | 7.2 |
| 2015-01-30 | CVE-2014-8817 | Data Processing Errors vulnerability in Apple mac OS X coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected data types are present in XPC messages, which allows attackers to execute arbitrary code in a privileged context via a crafted app, as demonstrated by lack of verification of xpc_dictionary_get_value API return values during handling of a (1) match_mmap_archives, (2) delete_mmap_archives, (3) write_mmap_archive, or (4) read_mmap_archive command. | 10.0 |
| 2015-01-30 | CVE-2014-8816 | Resource Management Errors vulnerability in Apple mac OS X CoreGraphics in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PDF document. | 6.8 |
| 2015-01-30 | CVE-2014-4499 | Information Exposure vulnerability in Apple mac OS X The App Store process in CommerceKit Framework in Apple OS X before 10.10.2 places Apple ID credentials in App Store logs, which allows local users to obtain sensitive information by reading a file. | 2.1 |