|
285131
|
- |
|
ibm
|
business_process_manager
|
The User Attribute implementation in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.2, and 8.5.x through 8.5.0.1 does not verify authorization for read or write access …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0908
|
2024-11-21 11:03 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285132
|
- |
|
ibm
|
websphere_portal
|
Cross-site scripting (XSS) vulnerability in the Social Rendering implementation in the IBM Connections integration in IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF11 allows remote authenticated user…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0901
|
2024-11-21 11:03 |
2014-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285133
|
- |
|
oracle
|
vm_virtualbox
|
Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/server_dispatch.py in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.…
|
CWE-399
Resource Management Errors
|
CVE-2014-0983
|
2024-11-21 11:03 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285134
|
- |
|
oracle
|
vm_virtualbox
|
VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local gue…
|
CWE-399
Resource Management Errors
|
CVE-2014-0981
|
2024-11-21 11:03 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285135
|
- |
|
ibm
|
security_appscan
|
The update process in IBM Security AppScan Standard 7.9 through 8.8 does not require integrity checks of downloaded files, which allows remote attackers to execute arbitrary code via a crafted file.
|
CWE-20
Improper Input Validation
|
CVE-2014-0904
|
2024-11-21 11:03 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285136
|
- |
|
apple
|
iphone_os
tvos
|
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1289
|
2024-11-21 11:03 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285137
|
- |
|
apple
|
tvos
iphone_os
|
USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1287
|
2024-11-21 11:03 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285138
|
- |
|
apple
|
iphone_os
|
SpringBoard Lock Screen in Apple iOS before 7.1 allows remote attackers to cause a denial of service (lock-screen hang) by leveraging a state-management error.
|
NVD-CWE-Other
|
CVE-2014-1286
|
2024-11-21 11:03 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285139
|
- |
|
apple
|
iphone_os
|
Springboard in Apple iOS before 7.1 allows physically proximate attackers to bypass intended access restrictions and read the home screen by leveraging an application crash during activation of an un…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1285
|
2024-11-21 11:03 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285140
|
- |
|
apple
|
tvos
iphone_os
|
The Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass intended configuration-profile visibility requirements via a long name.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1282
|
2024-11-21 11:03 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
