Apple Mac OS X 10.9.3
Approved changes feed: RSS · Atom
cpe:2.3:o:apple:mac_os_x:10.9.3:*:*:*:*:*:*:*
part: o version: 10.9.3 update: *
| Vendor | Apple (c2b419d0-9f0f-51c1-88dc-2e204a98e1c7) |
|---|---|
| Product | Mac Os X (f0578782-d1e8-5b8d-b127-ce7d4203eaaf) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2016-4852 |
not_vulnerable | 2026-06-03 14:35:53.531296 |
Details available
YoruFukurou (NightOwl) before 2.85 relies on support for emoji skin-tone modifiers even though this support is missing from the CoreText CTFramesetter API on OS X 10.9, which allows remote attackers to cause a denial of service (application crash) via a crafted emoji character sequence.
Published: 2016-09-12T10:00:00.000Z
Updated: 2024-08-06T00:46:38.432Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4460 |
vulnerable | 2026-06-03 14:34:03.419502 |
Details available
CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files.
Published: 2014-11-18T11:00:00.000Z
Updated: 2024-08-06T11:20:25.757Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4458 |
vulnerable | 2026-06-03 14:34:03.416553 |
Details available
The "System Profiler About This Mac" component in Apple OS X before 10.10.1 includes extraneous cookie data in system-model requests, which might allow remote attackers to obtain sensitive information via unspecified vectors.
Published: 2014-11-18T11:00:00.000Z
Updated: 2024-08-06T11:20:25.967Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4453 |
vulnerable | 2026-06-03 14:34:03.408589 |
Details available
Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via unspecified vectors.
Published: 2014-11-18T11:00:00.000Z
Updated: 2024-08-06T11:20:25.917Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4416 |
vulnerable | 2026-06-03 14:34:03.330752 |
Details available
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, and CVE-2014-4401.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.615Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4403 |
vulnerable | 2026-06-03 14:34:03.265662 |
Details available
The kernel in Apple OS X before 10.9.5 allows local users to obtain sensitive address information and bypass the ASLR protection mechanism by leveraging predictability of the location of the CPU Global Descriptor Table.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.573Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4402 |
vulnerable | 2026-06-03 14:34:03.265241 |
Details available
An unspecified IOAcceleratorFamily function in Apple OS X before 10.9.5 lacks proper bounds checking on read operations, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.580Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4401 |
vulnerable | 2026-06-03 14:34:03.264871 |
Details available
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, and CVE-2014-4416.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.516Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4400 |
vulnerable | 2026-06-03 14:34:03.264477 |
Details available
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4401, and CVE-2014-4416.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.497Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4399 |
vulnerable | 2026-06-03 14:34:03.264076 |
Details available
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.553Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4398 |
vulnerable | 2026-06-03 14:34:03.263690 |
Details available
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.653Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4397 |
vulnerable | 2026-06-03 14:34:03.263308 |
Details available
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.591Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4396 |
vulnerable | 2026-06-03 14:34:03.262919 |
Details available
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.547Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4395 |
vulnerable | 2026-06-03 14:34:03.262518 |
Details available
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.501Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4394 |
vulnerable | 2026-06-03 14:34:03.262100 |
Details available
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.537Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4393 |
vulnerable | 2026-06-03 14:34:03.261607 |
Details available
Buffer overflow in the shader compiler in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GLSL shader.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.567Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4390 |
vulnerable | 2026-06-03 14:34:03.260842 |
Details available
Bluetooth in Apple OS X before 10.9.5 does not properly validate API calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.619Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4376 |
vulnerable | 2026-06-03 14:34:03.252958 |
Details available
IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted API arguments.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.385Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4350 |
vulnerable | 2026-06-03 14:34:03.222876 |
Details available
Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIDI file.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T11:12:35.235Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1391 |
vulnerable | 2026-06-03 14:33:46.815043 |
Details available
QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.
Published: 2014-09-19T10:00:00.000Z
Updated: 2024-08-06T09:42:35.328Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1381 |
vulnerable | 2026-06-03 14:33:46.793855 |
Details available
Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOThunderBoltController API calls, which allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted call.
Published: 2014-07-01T10:00:00.000Z
Updated: 2024-08-06T09:42:34.985Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1380 |
vulnerable | 2026-06-03 14:33:46.793503 |
Details available
The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input.
Published: 2014-07-01T10:00:00.000Z
Updated: 2024-08-06T09:42:34.867Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1378 |
vulnerable | 2026-06-03 14:33:46.792614 |
Details available
IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.
Published: 2014-07-01T10:00:00.000Z
Updated: 2024-08-06T09:42:35.587Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1375 |
vulnerable | 2026-06-03 14:33:46.791173 |
Details available
Intel Graphics Driver in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.
Published: 2014-07-01T10:00:00.000Z
Updated: 2024-08-06T09:42:34.979Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1361 |
vulnerable | 2026-06-03 14:33:46.738563 |
Details available
Secure Transport in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 does not ensure that a DTLS message is accepted only for a DTLS connection, which allows remote attackers to obtain potentially sensitive information from uninitialized process memory by providing a DTLS message within a TLS connection.
Published: 2014-07-01T10:00:00.000Z
Updated: 2024-08-06T09:42:34.958Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1359 |
vulnerable | 2026-06-03 14:33:46.737599 |
Details available
Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application.
Published: 2014-07-01T10:00:00.000Z
Updated: 2024-08-06T09:42:35.627Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1358 |
vulnerable | 2026-06-03 14:33:46.736604 |
Details available
Integer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application.
Published: 2014-07-01T10:00:00.000Z
Updated: 2024-08-06T09:42:35.071Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1357 |
vulnerable | 2026-06-03 14:33:46.736128 |
Details available
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that generates log messages.
Published: 2014-07-01T10:00:00.000Z
Updated: 2024-08-06T09:42:34.549Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1356 |
vulnerable | 2026-06-03 14:33:46.735210 |
Details available
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
Published: 2014-07-01T10:00:00.000Z
Updated: 2024-08-06T09:42:34.787Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1355 |
vulnerable | 2026-06-03 14:33:46.734582 |
Details available
The IOKit implementation in the kernel in Apple iOS before 7.1.2 and Apple TV before 6.1.2, and in IOReporting in Apple OS X before 10.9.4, allows local users to cause a denial of service (NULL pointer dereference and reboot) via crafted API arguments.
Published: 2014-07-01T10:00:00.000Z
Updated: 2024-08-06T09:42:34.418Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1317 |
vulnerable | 2026-06-03 14:33:46.656456 |
Details available
iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file.
Published: 2014-07-01T10:00:00.000Z
Updated: 2024-08-06T09:34:41.261Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.