Vulnerabilities > Apple > MAC OS X > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-08-12 | CVE-2014-0540 | Permissions, Privileges, and Access Controls vulnerability in Adobe Air, Adobe AIR SDK and Flash Player Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, and CVE-2014-0545. | 10.0 |
| 2014-08-12 | CVE-2014-0538 | Use After Free Remote Code Execution vulnerability in Adobe Air, Adobe AIR SDK and Flash Player Use-after-free vulnerability in Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 allows attackers to execute arbitrary code via unspecified vectors. | 10.0 |
| 2014-07-01 | CVE-2014-1381 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOThunderBoltController API calls, which allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted call. | 10.0 |
| 2014-07-01 | CVE-2014-1379 | Unspecified vulnerability in Apple mac OS X Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application. | 10.0 |
| 2014-07-01 | CVE-2014-1377 | Unspecified vulnerability in Apple mac OS X Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application. | 10.0 |
| 2014-07-01 | CVE-2014-1376 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Intel Compute in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenCL API call, which allows attackers to execute arbitrary code via a crafted application. | 10.0 |
| 2014-07-01 | CVE-2014-1373 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Intel Graphics Driver in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenGL API call, which allows attackers to execute arbitrary code via a crafted application. | 10.0 |
| 2014-07-01 | CVE-2014-1359 | Numeric Errors vulnerability in Apple Iphone OS and Tvos Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application. | 10.0 |
| 2014-07-01 | CVE-2014-1358 | Numeric Errors vulnerability in Apple Iphone OS, mac OS X and Tvos Integer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application. | 10.0 |
| 2014-07-01 | CVE-2014-1357 | Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that generates log messages. | 10.0 |