|
291481
|
- |
|
apple
|
mac_os_x
|
The Code Signing feature in Apple OS X before 10.10 does not properly handle incomplete resource envelopes in signed bundles, which allows remote attackers to bypass intended app-author restrictions …
|
CWE-310
Cryptographic Issues
|
CVE-2014-4391
|
2024-11-21 11:10 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291482
|
- |
|
apple
|
mac_os_x
|
Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio samples in an m4a file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4351
|
2024-11-21 11:10 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291483
|
- |
|
textpattern
|
textpattern
|
Cross-site scripting (XSS) vulnerability in Textpattern CMS before 4.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to setup/index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4737
|
2024-11-21 11:10 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291484
|
- |
|
ibm
|
websphere_portal
|
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to dis…
|
CWE-200
Information Exposure
|
CVE-2014-4761
|
2024-11-21 11:10 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291485
|
- |
|
hp
|
records_manager
|
Cross-site scripting (XSS) vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4661
|
2024-11-21 11:10 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291486
|
- |
|
ibm
|
business_process_manager
|
The Saved Search Admin component in the Process Admin Console in IBM Business Process Manager (BPM) 8.0 through 8.5.5 does not properly restrict task and instance listings in result sets, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4802
|
2024-11-21 11:10 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291487
|
- |
|
debian
|
apt-cacher
|
Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-352
Origin Validation Error
|
CVE-2014-4510
|
2024-11-21 11:10 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291488
|
- |
|
ibm
|
security_access_manager_for_web_7.0_firmware
security_access_manager_for_web_appliance
security_access_manager_for_web_8.0_firmware
security_access_manager_for_mobile_8.0_firmware
securit…
|
The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM…
|
CWE-78
OS Command
|
CVE-2014-4823
|
2024-11-21 11:10 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291489
|
- |
|
ibm
|
security_access_manager_for_web_8.0_firmware
security_access_manager_for_web_appliance
security_access_manager_for_web_7.0_firmware
|
The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a d…
|
NVD-CWE-noinfo
|
CVE-2014-4809
|
2024-11-21 11:10 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291490
|
- |
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 8.x before 8.0.0.1 does not properly enforce CHLAUTH rules for blocking client connections in certain circumstances related to the CONNAUTH attribute, which allows remote authenticat…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4793
|
2024-11-21 11:10 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
