|
285631
|
- |
|
apple
|
quicktime
|
Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file.
|
CWE-189
Numeric Errors
|
CVE-2014-1245
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285632
|
- |
|
apple
|
quicktime
|
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1244
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285633
|
- |
|
apple
|
quicktime
|
Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track l…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1243
|
2024-11-21 11:03 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285634
|
7.4 |
HIGH
Network
|
apple
|
mac_os_x
tvos
iphone_os
|
The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6…
|
CWE-295
Improper Certificate Validation
|
CVE-2014-1266
|
2024-11-21 11:03 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285635
|
- |
|
apple
|
boot_camp
|
AppleMNT.sys in Apple Boot Camp 5 before 5.1 allows local users to cause a denial of service (kernel memory corruption) or possibly have unspecified other impact via a malformed header in a Portable …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1253
|
2024-11-21 11:03 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285636
|
- |
|
broadcom
|
2e_web_option
|
CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end o…
|
CWE-20
Improper Input Validation
|
CVE-2014-1219
|
2024-11-21 11:03 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285637
|
- |
|
i-doit
|
i-doit
|
Cross-site scripting (XSS) vulnerability in synetics i-doit pro before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the call parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-1237
|
2024-11-21 11:03 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285638
|
- |
|
poster_software
|
publish_it
|
Buffer overflow in Poster Software PUBLISH-iT 3.6d allows remote attackers to execute arbitrary code via a crafted PUI file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0980
|
2024-11-21 11:03 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285639
|
- |
|
sophos
|
sophos_anti-virus
scanning_engine
|
Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9.7.x before 9.7.9, 10.0.x before 10.0.11, and 10.3.x before 10.3.1 does not set an ACL for certain global and session objects, whi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1213
|
2024-11-21 11:03 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285640
|
- |
|
tableausoftware
|
tableau_server
|
SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be…
|
CWE-89
SQL Injection
|
CVE-2014-1204
|
2024-11-21 11:03 |
2014-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
