CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2014-1265 – Apple Security Advisory 2014-02-25-1
https://notcve.org/view.php?id=CVE-2014-1265
26 Feb 2014 — The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock. El programa systemsetup en el subsistema de fecha y hora en Apple OS X anterior a 10.9.2 permite a usuarios locales evadir restricciones de acceso mediante el cambio la hora actual en el reloj del sistema. OS X Mavericks 10.9.2 and Security Update 2014-001 is now available and addresses multiple security issues includin... • http://support.apple.com/kb/HT6150 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 1%CPEs: 32EXPL: 0CVE-2014-1268 – Apple Security Advisory 2014-02-25-2
https://notcve.org/view.php?id=CVE-2014-1268
26 Feb 2014 — WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270. WebKit, tal como es utilizado en Apple Safari anterior a 6.1.2 y 7.x anterior a 7.0.2, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de ... • http://support.apple.com/kb/HT6145 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 32EXPL: 0CVE-2014-1269 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1269
26 Feb 2014 — WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. WebKit, tal como es utilizado en Apple Safari anterior a 6.1.2 y 7.x anterior a 7.0.2, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de ... • http://support.apple.com/kb/HT6145 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 32EXPL: 0CVE-2014-1270 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1270
26 Feb 2014 — WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. WebKit, tal como es utilizado en Apple Safari anterior a 6.1.2 y 7.x anterior a 7.0.2, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de ... • http://support.apple.com/kb/HT6145 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 59EXPL: 0CVE-2014-0067 – Mandriva Linux Security Advisory 2014-047
https://notcve.org/view.php?id=CVE-2014-0067
21 Feb 2014 — The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster. El comando "make check" para los suites de prueba en PostgreSQL 9.3.3 y anteriores no invoca debidamente initdb para especificar los requisitos de autenticación para un cluster de base de datos utilizado para las pruebas, lo que ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2013-0975 – Apple QuickTime PICT Image LongComment Opcode Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-0975
05 Jun 2013 — Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image. Desbordamiento de búfer en QuickDraw Manager de Apple Mac OS X antes de v10.8.4 que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de una imagen PICT manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerabl... • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 16EXPL: 0CVE-2013-0982 – Apple Security Advisory 2013-06-04-1
https://notcve.org/view.php?id=CVE-2013-0982
05 Jun 2013 — The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattended workstation. La función de navegación privada en CFNetwork en Apple Mac OS X antes de v10.8.4 no impide el almacenamiento de cookies permanentes a la salida de Safari, que podría permitir a atacantes físicamente cercanos evitar la autenticación basada en... • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: 16EXPL: 0CVE-2013-0990 – Apple Security Advisory 2013-06-04-1
https://notcve.org/view.php?id=CVE-2013-0990
05 Jun 2013 — SMB in Apple Mac OS X before 10.8.4, when file sharing is enabled, allows remote authenticated users to create or modify files outside of a shared directory via unspecified vectors. SMB en Apple Mac OS X antes de v10.8.4, cuando el intercambio de archivos está activada, permite a los usuarios remotos autenticados crear o modificar archivos fuera de un directorio compartido a través de vectores no especificados. OS X Mountain Lion version 10.8.4 and Security Update 2013-002 is now available and addresses ove... • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 16EXPL: 0CVE-2013-1024 – Apple Security Advisory 2014-01-22-1
https://notcve.org/view.php?id=CVE-2013-1024
05 Jun 2013 — CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. CoreMedia reproducción en Apple Mac OS X anterior a v10.8.4 no inicializa correctamente la memoria durante el procesamiento de pistas de texto, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de la a... • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 9%CPEs: 126EXPL: 2CVE-2013-0984 – Apple Mac OSX Server - DirectoryService Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-0984
05 Jun 2013 — Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message. Servicio de directorio de Apple Mac OS X hasta v10.6.8 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída del demonio) a través de un mensaje elaborado. Core Security Technologies Advisory - A memory corruption vulnerability was found in Mac OSX Directory Service. By sending a maliciously crafted... • https://packetstorm.news/files/id/121887 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •