SceneKit in Apple OS X prior to 10.10.2 allows malicious users to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.
apple mac os x
Vulmon