CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2014-8824
https://notcve.org/view.php?id=CVE-2014-8824
The kernel in Apple OS X before 10.10.2 does not properly validate IODataQueue object metadata fields, which allows attackers to execute arbitrary code in a privileged context via a crafted app. El kernel en Apple OS X anterior a 10.10.2 no valida correctamente los campos de metadatos de objetos IODataQueue, lo que permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://www.securitytracker.com/id/1031650 https://exchange.xforce.ibmcloud.com/vulnerabilities/100516 • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8821
https://notcve.org/view.php?id=CVE-2014-8821
The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8819 and CVE-2014-8820. Intel Graphics Driver en Apple OS X anterior a 10.10.2 permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2014-8819 y CVE-2014-8820. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://www.securitytracker.com/id/1031650 https://exchange.xforce.ibmcloud.com/vulnerabilities/100502 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8827
https://notcve.org/view.php?id=CVE-2014-8827
LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately upon being woken from sleep, which allows physically proximate attackers to obtain sensitive information by reading the screen. LoginWindow en Apple OS X anterior a 10.10.2 no pasa al estado de bloqueo de pantalla inmediatamente cuando se reactiva el ordenador después de un descanso, lo que permite a atacantes físicamente próximos obtener información sensible mediante la lectura de la pantalla. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://www.securitytracker.com/id/1031650 https://exchange.xforce.ibmcloud.com/vulnerabilities/100521 • CWE-284: Improper Access Control •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8819
https://notcve.org/view.php?id=CVE-2014-8819
The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8820 and CVE-2014-8821. Intel Graphics Driver en Apple OS X anterior a 10.10.2 permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2014-8820 y CVE-2014-8821. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://www.securitytracker.com/id/1031650 https://exchange.xforce.ibmcloud.com/vulnerabilities/100500 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-8829
https://notcve.org/view.php?id=CVE-2014-8829
SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app. SceneKit en Apple OS X anterior a 10.10.2 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (escritura fuera de rango) a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://www.securitytracker.com/id/1031650 https://exchange.xforce.ibmcloud.com/vulnerabilities/100523 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •