|
280921
|
- |
|
apple
|
mac_os_x
|
Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format st…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2014-1315
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280922
|
- |
|
apple
|
iphone_os
mac_os_x
mac_os_x_server
tvos
|
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1296
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280923
|
- |
|
apple
|
iphone_os
mac_os_x
tvos
|
Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation a…
|
CWE-287
Improper Authentication
|
CVE-2014-1295
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280924
|
- |
|
carbonblack
|
carbon_black
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon Black before 4.1.0 allow remote attackers to hijack the authentication of administrators for requests that add new administrative …
|
CWE-352
Origin Validation Error
|
CVE-2014-1615
|
2024-11-21 11:04 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280925
|
- |
|
mozilla
fedoraproject
|
bugzilla
fedora
|
The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authent…
|
CWE-287
Improper Authentication
|
CVE-2014-1517
|
2024-11-21 11:04 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280926
|
- |
|
freebsd
|
freebsd
|
The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not acquire locks in the proper order when converting a directory file handle to a vnode, which allows remote authenticated users to cause …
|
CWE-399
Resource Management Errors
|
CVE-2014-1453
|
2024-11-21 11:04 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280927
|
- |
|
pearson
|
esis_enterprise_student_information_system
|
SQL injection vulnerability in the password reset functionality in Pearson eSIS Enterprise Student Information System, possibly 3.3.0.13 and earlier, allows remote attackers to execute arbitrary SQL …
|
CWE-89
SQL Injection
|
CVE-2014-1455
|
2024-11-21 11:04 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280928
|
- |
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, as used in Google Chrome before 34.0.1847.116, allow attackers to cause a denial of service or possibly have other impact via unkn…
|
NVD-CWE-noinfo
|
CVE-2014-1729
|
2024-11-21 11:04 |
2014-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280929
|
- |
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-1728
|
2024-11-21 11:04 |
2014-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280930
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in content/renderer/renderer_webcolorchooser_impl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecifie…
|
CWE-399
Resource Management Errors
|
CVE-2014-1727
|
2024-11-21 11:04 |
2014-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
