|
289401
|
- |
|
apple
|
mac_os_x
|
CFPreferences in Apple OS X before 10.10 does not properly enforce the "require password after sleep or screen saver begins" setting, which makes it easier for physically proximate attackers to obtai…
|
CWE-287
Improper Authentication
|
CVE-2014-4425
|
2024-11-21 11:10 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289402
|
- |
|
apple
|
mac_os_x
|
Safari in Apple OS X before 10.10 allows remote attackers to cause a denial of service (universal Push Notification outage) via a web site that triggers an uncaught SafariNotificationAgent exception …
|
CWE-20
Improper Input Validation
|
CVE-2014-4417
|
2024-11-21 11:10 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289403
|
- |
|
apple
|
mac_os_x
|
The Code Signing feature in Apple OS X before 10.10 does not properly handle incomplete resource envelopes in signed bundles, which allows remote attackers to bypass intended app-author restrictions …
|
CWE-310
Cryptographic Issues
|
CVE-2014-4391
|
2024-11-21 11:10 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289404
|
- |
|
apple
|
mac_os_x
|
Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio samples in an m4a file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4351
|
2024-11-21 11:10 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289405
|
- |
|
textpattern
|
textpattern
|
Cross-site scripting (XSS) vulnerability in Textpattern CMS before 4.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to setup/index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4737
|
2024-11-21 11:10 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289406
|
- |
|
ibm
|
websphere_portal
|
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to dis…
|
CWE-200
Information Exposure
|
CVE-2014-4761
|
2024-11-21 11:10 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289407
|
- |
|
hp
|
records_manager
|
Cross-site scripting (XSS) vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4661
|
2024-11-21 11:10 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289408
|
- |
|
ibm
|
business_process_manager
|
The Saved Search Admin component in the Process Admin Console in IBM Business Process Manager (BPM) 8.0 through 8.5.5 does not properly restrict task and instance listings in result sets, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4802
|
2024-11-21 11:10 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289409
|
- |
|
debian
|
apt-cacher
|
Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-352
Origin Validation Error
|
CVE-2014-4510
|
2024-11-21 11:10 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289410
|
- |
|
ibm
|
security_access_manager_for_web_7.0_firmware
security_access_manager_for_web_appliance
security_access_manager_for_web_8.0_firmware
security_access_manager_for_mobile_8.0_firmware
securit…
|
The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM…
|
CWE-78
OS Command
|
CVE-2014-4823
|
2024-11-21 11:10 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
