|
280961
|
- |
|
apple
|
safari
|
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a craft…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1299
|
2024-11-21 11:04 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280962
|
- |
|
apple
|
safari
|
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a craft…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1298
|
2024-11-21 11:04 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280963
|
- |
|
apple
|
safari
|
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not properly validate WebProcess IPC messages, which allows remote attackers to bypass a sandbox protection mechanism and read …
|
CWE-20
Improper Input Validation
|
CVE-2014-1297
|
2024-11-21 11:04 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280964
|
- |
|
horde
|
horde_application_framework
|
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted se…
|
CWE-94
Code Injection
|
CVE-2014-1691
|
2024-11-21 11:04 |
2014-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280965
|
- |
|
mozilla
|
firefox
|
The saltProfileName function in base/GeckoProfileDirectories.java in Mozilla Firefox through 28.0.1 on Android relies on Android's weak approach to seeding the Math.random function, which makes it ea…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1516
|
2024-11-21 11:04 |
2014-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280966
|
- |
|
symantec
|
liveupdate_administrator
|
SQL injection vulnerability in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to execute arbitrary SQL commands via unspe…
|
CWE-89
SQL Injection
|
CVE-2014-1645
|
2024-11-21 11:04 |
2014-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280967
|
- |
|
symantec
|
liveupdate_administrator
|
The forgotten-password feature in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to reset arbitrary passwords by providin…
|
CWE-255
Credentials Management
|
CVE-2014-1644
|
2024-11-21 11:04 |
2014-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280968
|
- |
|
apple
|
safari
|
Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen dur…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1303
|
2024-11-21 11:04 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280969
|
- |
|
apple
|
safari
|
Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competit…
|
NVD-CWE-noinfo
|
CVE-2014-1300
|
2024-11-21 11:04 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280970
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Firefox profile directory via …
|
CWE-200
Information Exposure
|
CVE-2014-1515
|
2024-11-21 11:04 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
