Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mac os x 10.10.2 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2014-8839
Spotlight in Apple OS X prior to 10.10.2 does not enforce the Mail "Load remote content in messages" configuration, which allows remote malicious users to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requests fo...
Apple Mac Os X
445
VMScore
CVE-2014-8831
security_taskgate in Apple OS X prior to 10.10.2 allows malicious users to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a (1) self-signed certificate or (2) Developer ID certificate.
Apple Mac Os X
445
VMScore
CVE-2014-4491
The extension APIs in the kernel in Apple iOS prior to 8.1.3, Apple OS X prior to 10.10.2, and Apple TV prior to 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for malicious users to bypass the ASLR protectio...
Apple Mac Os X
Apple Iphone Os
Apple Tvos
436
VMScore
CVE-2014-8832
The indexing functionality in Spotlight in Apple OS X prior to 10.10.2 writes memory contents to an external hard drive, which allows local users to obtain sensitive information by reading from this drive.
Apple Mac Os X
418
VMScore
CVE-2014-8823
The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X prior to 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first argument.
Apple Mac Os X
418
VMScore
CVE-2014-4498
The CPU Software in Apple OS X prior to 10.10.2 allows physically proximate malicious users to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the "Thunderstrike" issue.
Apple Mac Os X
383
VMScore
CVE-2014-8130
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_...
Libtiff Libtiff 4.0.3
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Apple Mac Os X 10.10.0
Apple Mac Os X 10.10.1
Apple Mac Os X 10.9.5
Apple Mac Os X 10.10.3
Apple Mac Os X 10.10.2
Apple Mac Os X 10.8.5
Apple Iphone Os
383
VMScore
CVE-2015-1067
Secure Transport in Apple iOS prior to 8.2, Apple OS X up to and including 10.10.2, and Apple TV prior to 7.1 does not properly restrict TLS state transitions, which makes it easier for remote malicious users to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted T...
Apple Mac Os X
Apple Tvos
Apple Iphone Os
2 Articles
383
VMScore
CVE-2014-8838
The Security component in Apple OS X prior to 10.10.2 does not properly process cached information about app certificates, which allows malicious users to bypass the Gatekeeper protection mechanism by leveraging access to a revoked Developer ID certificate for signing a crafted a...
Apple Mac Os X
187
VMScore
CVE-2014-8827
LoginWindow in Apple OS X prior to 10.10.2 does not transition to the lock-screen state immediately upon being woken from sleep, which allows physically proximate malicious users to obtain sensitive information by reading the screen.
Apple Mac Os X
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »