|
279491
|
- |
|
ibm
|
tivoli_storage_manager
|
The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4817
|
2024-11-21 11:10 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279492
|
- |
|
apple
|
iphone_os
|
Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4463
|
2024-11-21 11:10 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279493
|
- |
|
apple
|
iphone_os
tvos
|
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra…
|
CWE-399
Resource Management Errors
|
CVE-2014-4462
|
2024-11-21 11:10 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279494
|
- |
|
apple
|
iphone_os
mac_os_x
tvos
|
The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context v…
|
CWE-20
Improper Input Validation
|
CVE-2014-4461
|
2024-11-21 11:10 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279495
|
- |
|
apple
|
iphone_os
mac_os_x
|
CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate a…
|
CWE-200
Information Exposure
|
CVE-2014-4460
|
2024-11-21 11:10 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279496
|
- |
|
apple
|
safari
mac_os_x
iphone_os
itunes
tvos
|
Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
|
NVD-CWE-Other
|
CVE-2014-4459
|
2024-11-21 11:10 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279497
|
- |
|
apple
|
mac_os_x
|
The "System Profiler About This Mac" component in Apple OS X before 10.10.1 includes extraneous cookie data in system-model requests, which might allow remote attackers to obtain sensitive informatio…
|
CWE-200
Information Exposure
|
CVE-2014-4458
|
2024-11-21 11:10 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279498
|
- |
|
apple
|
iphone_os
|
The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver sandbox, which allows attackers to bypass intended binary-execution restrictions via a crafted app…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4457
|
2024-11-21 11:10 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279499
|
- |
|
apple
|
iphone_os
tvos
|
dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restriction…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4455
|
2024-11-21 11:10 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279500
|
- |
|
apple
|
iphone_os
mac_os_x
|
Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to ob…
|
CWE-200
Information Exposure
|
CVE-2014-4453
|
2024-11-21 11:10 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
