Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X
Subscriptions
Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-7861 | 6 Adobe, Apple, Google and 3 more | 15 Flash Player, Flash Player For Linux, Mac Os X and 12 more | 2025-04-12 | N/A |
| Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2014-1734 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
| CVE-2016-1807 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | N/A |
| Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors. | ||||
| CVE-2014-8834 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| UserAccountUpdater in Apple OS X 10.10 before 10.10.2 stores a PDF document's password in a printing preference file, which allows local users to obtain sensitive information by reading a file. | ||||
| CVE-2016-7862 | 6 Adobe, Apple, Google and 3 more | 15 Flash Player, Flash Player For Linux, Mac Os X and 12 more | 2025-04-12 | N/A |
| Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2014-1733 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2025-04-12 | N/A |
| The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access. | ||||
| CVE-2014-4401 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, and CVE-2014-4416. | ||||
| CVE-2016-4228 | 6 Adobe, Apple, Google and 3 more | 9 Flash Player, Flash Player Desktop Runtime, Mac Os X and 6 more | 2025-04-12 | 8.8 High |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248. | ||||
| CVE-2014-4405 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2025-04-12 | N/A |
| IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties. | ||||
| CVE-2016-4210 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-12 | N/A |
| Integer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2014-1714 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2025-04-12 | N/A |
| The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scoped_clipboard_writer.cc in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows does not verify a certain format value, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the clipboard. | ||||
| CVE-2015-3677 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app. | ||||
| CVE-2014-1378 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object. | ||||
| CVE-2014-1595 | 2 Apple, Mozilla | 4 Mac Os X, Firefox, Firefox Esr and 1 more | 2025-04-12 | N/A |
| Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, which allows local users to obtain sensitive information by reading /tmp files, as demonstrated by credential information. | ||||
| CVE-2014-8146 | 2 Apple, Icu-project | 5 Iphone Os, Itunes, Mac Os X and 2 more | 2025-04-12 | N/A |
| The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text. | ||||
| CVE-2016-4232 | 6 Adobe, Apple, Google and 3 more | 9 Flash Player, Flash Player Desktop Runtime, Mac Os X and 6 more | 2025-04-12 | 7.5 High |
| Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors. | ||||
| CVE-2014-1380 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input. | ||||
| CVE-2016-4625 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2016-4217 | 6 Adobe, Apple, Google and 3 more | 9 Flash Player, Flash Player Desktop Runtime, Mac Os X and 6 more | 2025-04-12 | 8.8 High |
| Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246. | ||||
| CVE-2015-1137 | 1 Apple | 1 Mac Os X | 2025-04-12 | N/A |
| The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via an unspecified IOService userclient type. | ||||