CVE-2014-8838
https://notcve.org/view.php?id=CVE-2014-8838
The Security component in Apple OS X before 10.10.2 does not properly process cached information about app certificates, which allows attackers to bypass the Gatekeeper protection mechanism by leveraging access to a revoked Developer ID certificate for signing a crafted app.
• http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
• http://support.apple.com/HT204244
• http://www.securitytracker.com/id/1031650
• https://exchange.xforce.ibmcloud.com/vulnerabilities/100525
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2014-8832
https://notcve.org/view.php?id=CVE-2014-8832
The indexing functionality in Spotlight in Apple OS X before 10.10.2 writes memory contents to an external hard drive, which allows local users to obtain sensitive information by reading from this drive.
• http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
• http://support.apple.com/HT204244
• http://www.securitytracker.com/id/1031650
• https://exchange.xforce.ibmcloud.com/vulnerabilities/100528
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2014-8837
https://notcve.org/view.php?id=CVE-2014-8837
Multiple unspecified vulnerabilities in the Bluetooth driver in Apple OS X before 10.10.2 allow attackers to execute arbitrary code in a privileged context via a crafted app.
• http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
• http://support.apple.com/HT204244
• http://www.securitytracker.com/id/1031650
• https://exchange.xforce.ibmcloud.com/vulnerabilities/100491
CVE-2014-8822
https://notcve.org/view.php?id=CVE-2014-8822
IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel context or cause a denial of service (write to kernel memory) via a crafted app that calls an unspecified user-client method.
• http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
• http://support.apple.com/HT204244
• http://www.securitytracker.com/id/1031650
• https://exchange.xforce.ibmcloud.com/vulnerabilities/100513
• CWE-19: Data Processing Errors
CVE-2014-8829
https://notcve.org/view.php?id=CVE-2014-8829
SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.
• http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
• http://support.apple.com/HT204244
• http://www.securitytracker.com/id/1031650
• https://exchange.xforce.ibmcloud.com/vulnerabilities/100523
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer