Apple : Security Vulnerabilities, CVEs, Published In 2014 (Overflow) CVSS score >= 9
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
Max CVSS
10.0
EPSS Score
29.50%
Published
2014-12-10
Updated
2014-12-12
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-9159.
Max CVSS
10.0
EPSS Score
80.13%
Published
2014-12-10
Updated
2014-12-12
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8460 and CVE-2014-9159.
Max CVSS
10.0
EPSS Score
80.13%
Published
2014-12-10
Updated
2014-12-12
Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
56.59%
Published
2014-12-10
Updated
2014-12-12
Apple QuickTime allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed version number and flags in an mvhd atom.
Max CVSS
9.3
EPSS Score
35.22%
Published
2014-07-26
Updated
2017-01-07
CVE-2014-4404
Known exploited
Public exploit
Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
Max CVSS
9.3
EPSS Score
0.64%
Published
2014-09-18
Updated
2019-03-08
CISA KEV Added
2022-02-10
An unspecified IOAcceleratorFamily function in Apple OS X before 10.9.5 lacks proper bounds checking on read operations, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
Max CVSS
9.3
EPSS Score
0.53%
Published
2014-09-19
Updated
2017-08-29
Buffer overflow in the shader compiler in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GLSL shader.
Max CVSS
10.0
EPSS Score
2.27%
Published
2014-09-19
Updated
2017-08-29
Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.
Max CVSS
9.3
EPSS Score
0.43%
Published
2014-09-18
Updated
2019-03-08
Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application.
Max CVSS
9.3
EPSS Score
0.28%
Published
2014-09-18
Updated
2019-03-08
The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application.
Max CVSS
9.3
EPSS Score
0.29%
Published
2014-09-18
Updated
2019-03-08
Integer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application.
Max CVSS
10.0
EPSS Score
0.82%
Published
2014-07-01
Updated
2019-03-08
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that generates log messages.
Max CVSS
10.0
EPSS Score
0.61%
Published
2014-07-01
Updated
2019-03-08
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
Max CVSS
10.0
EPSS Score
0.61%
Published
2014-07-01
Updated
2019-03-08
Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014.
Max CVSS
10.0
EPSS Score
33.74%
Published
2014-03-26
Updated
2016-12-08
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file.
Max CVSS
9.3
EPSS Score
9.60%
Published
2014-02-27
Updated
2015-10-21
Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file.
Max CVSS
9.3
EPSS Score
0.64%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image.
Max CVSS
9.3
EPSS Score
1.06%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file.
Max CVSS
9.3
EPSS Score
1.06%
Published
2014-02-27
Updated
2014-03-10
Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file.
Max CVSS
9.3
EPSS Score
3.30%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file.
Max CVSS
9.3
EPSS Score
4.86%
Published
2014-02-27
Updated
2014-02-27
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
Max CVSS
9.3
EPSS Score
5.08%
Published
2014-02-27
Updated
2015-10-21
Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file.
Max CVSS
9.3
EPSS Score
3.03%
Published
2014-02-27
Updated
2014-02-27
23 vulnerabilities found