|
285251
|
- |
|
apple
|
iphone_os
|
Siri in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended lock-screen passcode requirement, and read a contact list, via a Siri request that refers to a contact ambig…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1351
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285252
|
- |
|
apple
|
iphone_os
|
Settings in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended iCloud password requirement, and turn off the Find My iPhone service, by leveraging incorrect state mana…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1350
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285253
|
- |
|
apple
|
iphone_os
|
Use-after-free vulnerability in Safari in Apple iOS before 7.1.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an invalid URL.
|
NVD-CWE-Other
|
CVE-2014-1349
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285254
|
- |
|
apple
|
iphone_os
|
Mail in Apple iOS before 7.1.2 advertises the availability of data protection for attachments but stores cleartext attachments under mobile/Library/Mail/, which makes it easier for physically proxima…
|
CWE-310
Cryptographic Issues
|
CVE-2014-1348
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285255
|
- |
|
apple
|
safari
iphone_os
|
WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted…
|
NVD-CWE-Other
|
CVE-2014-1345
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285256
|
- |
|
apple
|
safari
|
WebKit, as used in Apple Safari before 6.1.5 and 7.x before 7.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a craft…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1340
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285257
|
- |
|
apple
|
safari
iphone_os
tvos
|
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (m…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1325
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285258
|
- |
|
apple
|
mac_os_x
|
iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file.
|
CWE-200
Information Exposure
|
CVE-2014-1317
|
2024-11-21 11:04 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285259
|
- |
|
linux
canonical
suse
|
linux_kernel
ubuntu_linux
suse_linux_enterprise_desktop
suse_linux_enterprise_server
linux_enterprise_high_availability_extension
|
The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive in…
|
CWE-200
Information Exposure
|
CVE-2014-1739
|
2024-11-21 11:04 |
2014-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285260
|
- |
|
symantec
|
web_gateway
|
Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec Web Gateway (SWG) before 5.2 allow remote authenticated users to inject arbitrary web script or HTML via unsp…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1652
|
2024-11-21 11:04 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
