|
282531
|
- |
|
apple
|
mac_os_x
|
The Intel Graphics Driver in Apple OS X through 10.9.2 does not properly validate a certain pointer, which allows attackers to execute arbitrary code via a crafted application.
|
CWE-20
Improper Input Validation
|
CVE-2014-1318
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282532
|
- |
|
apple
|
mac_os_x
|
Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1319
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282533
|
- |
|
apple
|
mac_os_x
|
WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1314
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282534
|
- |
|
apple
|
mac_os_x
|
Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format st…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2014-1315
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282535
|
- |
|
apple
|
iphone_os
mac_os_x
mac_os_x_server
tvos
|
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1296
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282536
|
- |
|
apple
|
iphone_os
mac_os_x
tvos
|
Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation a…
|
CWE-287
Improper Authentication
|
CVE-2014-1295
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282537
|
- |
|
carbonblack
|
carbon_black
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon Black before 4.1.0 allow remote attackers to hijack the authentication of administrators for requests that add new administrative …
|
CWE-352
Origin Validation Error
|
CVE-2014-1615
|
2024-11-21 11:04 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282538
|
- |
|
mozilla
fedoraproject
|
bugzilla
fedora
|
The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authent…
|
CWE-287
Improper Authentication
|
CVE-2014-1517
|
2024-11-21 11:04 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282539
|
- |
|
freebsd
|
freebsd
|
The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not acquire locks in the proper order when converting a directory file handle to a vnode, which allows remote authenticated users to cause …
|
CWE-399
Resource Management Errors
|
CVE-2014-1453
|
2024-11-21 11:04 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282540
|
- |
|
pearson
|
esis_enterprise_student_information_system
|
SQL injection vulnerability in the password reset functionality in Pearson eSIS Enterprise Student Information System, possibly 3.3.0.13 and earlier, allows remote attackers to execute arbitrary SQL …
|
CWE-89
SQL Injection
|
CVE-2014-1455
|
2024-11-21 11:04 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
