|
291511
|
- |
|
apple
|
mac_os_x
|
Bluetooth in Apple OS X before 10.9.5 does not properly validate API calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
|
CWE-20
Improper Input Validation
|
CVE-2014-4390
|
2024-11-21 11:10 |
2014-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291512
|
- |
|
apple
|
mac_os_x
|
IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application …
|
NVD-CWE-Other
|
CVE-2014-4376
|
2024-11-21 11:10 |
2014-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291513
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIDI file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4350
|
2024-11-21 11:10 |
2014-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291514
|
- |
|
ibm
|
qradar_security_information_and_event_manager
|
IBM Security QRadar SIEM 7.2 before 7.2.3 Patch 1 does not properly handle SSH connections, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.
|
CWE-200
Information Exposure
|
CVE-2014-4826
|
2024-11-21 11:10 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291515
|
- |
|
ibm
|
qradar_security_information_and_event_manager
|
SQL injection vulnerability in IBM Security QRadar SIEM 7.2 before 7.2.3 Patch 1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-4824
|
2024-11-21 11:10 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291516
|
- |
|
ibm
|
integration_bus_manufacturing_pack
|
Cross-site scripting (XSS) vulnerability in IBM Integration Bus Manufacturing Pack 1.x before 1.0.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4820
|
2024-11-21 11:10 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291517
|
- |
|
ibm
|
websphere_message_broker
integration_bus
|
The web user interface in IBM WebSphere Message Broker 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.3 allows remote authenticated users to obtain sensitive information by reading the e…
|
CWE-200
Information Exposure
|
CVE-2014-4819
|
2024-11-21 11:10 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291518
|
- |
|
apple
|
iphone_os
|
The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4423
|
2024-11-21 11:10 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291519
|
8.1 |
HIGH
Network
|
apple
|
tvos
iphone_os
|
The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardeni…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4422
|
2024-11-21 11:10 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291520
|
- |
|
apple
|
mac_os_x
iphone_os
tvos
|
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-la…
|
NVD-CWE-Other
|
CVE-2014-4421
|
2024-11-21 11:10 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
