Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2014-8831

    security_taskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a (1) self-signed certificate or (2) Developer ID certificate.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.16
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2014-8830

    Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted accessor element in a Collada file.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %3.59
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-8829

    SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.71
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-8828

    Sandbox in Apple OS X before 10.10 allows attackers to write to the sandbox-profile cache via a sandboxed app that includes a com.apple.sandbox segment in a path.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.36
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-8827

    LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately upon being woken from sleep, which allows physically proximate attackers to obtain sensitive information by reading the screen.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.06
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-8826

    LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %21.69
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2014-8825

    The kernel in Apple OS X before 10.10.2 does not properly perform identitysvc validation of certain directory-service functionality, which allows local users to gain privileges or spoof directory-service responses via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.04
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-8824

    The kernel in Apple OS X before 10.10.2 does not properly validate IODataQueue object metadata fields, which allows attackers to execute arbitrary code in a privileged context via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.98
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 4.7

    MEDIUM
    CVE-2014-8823

    The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first argumen... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.06
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-8822

    IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel context or cause a denial of service (write to kernel memory) via a crafted app that calls an unspecified user-client method.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.98
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2014-8821

    The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8819 and CVE-2014-8820.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.06
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2014-8820

    The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8819 and CVE-2014-8821.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.04
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2014-8819

    The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8820 and CVE-2014-8821.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.06
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-8817

    coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected data types are present in XPC messages, which allows attackers to execute arbitrary code in a privileged context via a crafted app, as demonstrated by lack ... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.16
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2014-8816

    CoreGraphics in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PDF document.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.58
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-4499

    The App Store process in CommerceKit Framework in Apple OS X before 10.10.2 places Apple ID credentials in App Store logs, which allows local users to obtain sensitive information by reading a file.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.06
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 4.7

    MEDIUM
    CVE-2014-4498

    The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the "Thunderstrike" issue.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.07
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-4497

    Integer signedness error in IOBluetoothFamily in the Bluetooth implementation in Apple OS X before 10.10 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (write to kernel memory) via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.10
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-4496

    The mach_port_kobject interface in the kernel in Apple iOS before 8.1.3 and Apple TV before 7.0.3 does not properly restrict kernel-address and heap-permutation information, which makes it easier for attackers to bypass the ASLR protection mechanism via a... Read more

    Affected Products : iphone_os tvos
    • EPSS Score: %0.66
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-4495

    The kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not enforce the read-only attribute of a shared memory segment during use of a custom cache mode, which allows attackers to bypass intended access restrictions... Read more

    Affected Products : mac_os_x iphone_os tvos
    • EPSS Score: %0.83
    • Published: Jan. 30, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 290997 Results