Vulnerabilities > Apple > MAC OS X
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-02-06 | CVE-2015-0316 | Security vulnerability in Adobe Flash Player Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330. | 10.0 |
| 2015-02-06 | CVE-2015-0315 | Security vulnerability in Adobe Flash Player Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0320, and CVE-2015-0322. | 10.0 |
| 2015-02-06 | CVE-2015-0314 | Security vulnerability in Adobe Flash Player Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330. | 10.0 |
| 2015-01-30 | CVE-2014-9161 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader CoolType.dll in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows, and 10.x through 10.1.13 and 11.x through 11.0.10 on OS X, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document. | 9.3 |
| 2015-01-30 | CVE-2014-8839 | Information Exposure vulnerability in Apple mac OS X Spotlight in Apple OS X before 10.10.2 does not enforce the Mail "Load remote content in messages" configuration, which allows remote attackers to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requests for this image's URL. | 5.0 |
| 2015-01-30 | CVE-2014-8838 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X The Security component in Apple OS X before 10.10.2 does not properly process cached information about app certificates, which allows attackers to bypass the Gatekeeper protection mechanism by leveraging access to a revoked Developer ID certificate for signing a crafted app. | 4.3 |
| 2015-01-30 | CVE-2014-8837 | Unspecified vulnerability in Apple mac OS X Multiple unspecified vulnerabilities in the Bluetooth driver in Apple OS X before 10.10.2 allow attackers to execute arbitrary code in a privileged context via a crafted app. | 9.3 |
| 2015-01-30 | CVE-2014-8836 | Improper Input Validation vulnerability in Apple mac OS X The Bluetooth driver in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (arbitrary-size bzero of kernel memory) via a crafted app. | 10.0 |
| 2015-01-30 | CVE-2014-8835 | Data Processing Errors vulnerability in Apple mac OS X 10.10.0/10.10.1 The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue. | 9.3 |
| 2015-01-30 | CVE-2014-8834 | Information Exposure vulnerability in Apple mac OS X 10.10.0/10.10.1 UserAccountUpdater in Apple OS X 10.10 before 10.10.2 stores a PDF document's password in a printing preference file, which allows local users to obtain sensitive information by reading a file. | 2.1 |