Apple : Security Vulnerabilities, CVEs, Published In October 2014 (Denial of service)
The IOHIDSecurePromptClient function in Apple OS X does not properly validate pointer values, which allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a crafted web site.
Max CVSS
9.3
EPSS Score
1.18%
Published
2014-10-05
Updated
2014-10-10
Apple OS X before 10.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted ASN.1 data.
Max CVSS
7.8
EPSS Score
2.00%
Published
2014-10-18
Updated
2017-08-29
The kernel in Apple OS X before 10.10 allows local users to cause a denial of service (panic) via a message to a system control socket.
Max CVSS
4.7
EPSS Score
0.04%
Published
2014-10-18
Updated
2017-08-29
IOHIDFamily in Apple OS X before 10.10 allows attackers to cause denial of service (out-of-bounds read operation) via a crafted application.
Max CVSS
4.3
EPSS Score
0.17%
Published
2014-10-18
Updated
2017-08-29
The kernel in Apple OS X before 10.10 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted filename on an HFS filesystem.
Max CVSS
4.9
EPSS Score
0.06%
Published
2014-10-18
Updated
2017-08-29
Safari in Apple OS X before 10.10 allows remote attackers to cause a denial of service (universal Push Notification outage) via a web site that triggers an uncaught SafariNotificationAgent exception by providing a crafted Push Notification.
Max CVSS
5.0
EPSS Score
0.96%
Published
2014-10-18
Updated
2017-08-29
Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio samples in an m4a file.
Max CVSS
6.8
EPSS Score
3.96%
Published
2014-10-18
Updated
2017-08-29
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.
Max CVSS
5.0
EPSS Score
9.33%
Published
2014-10-07
Updated
2023-02-13
Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
4.26%
Published
2014-10-08
Updated
2019-03-08
9 vulnerabilities found