|
280821
|
- |
|
apple
|
iphone_os
|
Mail in Apple iOS before 7.1.2 advertises the availability of data protection for attachments but stores cleartext attachments under mobile/Library/Mail/, which makes it easier for physically proxima…
|
CWE-310
Cryptographic Issues
|
CVE-2014-1348
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280822
|
- |
|
apple
|
safari
iphone_os
|
WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted…
|
NVD-CWE-Other
|
CVE-2014-1345
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280823
|
- |
|
apple
|
safari
|
WebKit, as used in Apple Safari before 6.1.5 and 7.x before 7.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a craft…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1340
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280824
|
- |
|
apple
|
safari
iphone_os
tvos
|
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (m…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1325
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280825
|
- |
|
apple
|
mac_os_x
|
iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file.
|
CWE-200
Information Exposure
|
CVE-2014-1317
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280826
|
- |
|
linux
canonical
suse
|
linux_kernel
ubuntu_linux
suse_linux_enterprise_desktop
suse_linux_enterprise_server
linux_enterprise_high_availability_extension
|
The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive in…
|
CWE-200
Information Exposure
|
CVE-2014-1739
|
2024-11-21 11:04 |
2014-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280827
|
- |
|
symantec
|
web_gateway
|
Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec Web Gateway (SWG) before 5.2 allow remote authenticated users to inject arbitrary web script or HTML via unsp…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1652
|
2024-11-21 11:04 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280828
|
- |
|
symantec
|
web_gateway
|
SQL injection vulnerability in clientreport.php in the management console in Symantec Web Gateway (SWG) before 5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-1651
|
2024-11-21 11:04 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280829
|
- |
|
symantec
|
web_gateway
|
SQL injection vulnerability in user.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vector…
|
CWE-89
SQL Injection
|
CVE-2014-1650
|
2024-11-21 11:04 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280830
|
- |
|
mozilla
|
netscape_portable_runtime
|
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and conso…
|
NVD-CWE-Other
|
CVE-2014-1545
|
2024-11-21 11:04 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
