|
288851
|
- |
|
apple
|
mac_os_x
iphone_os
tvos
|
IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR pr…
|
CWE-200
Information Exposure
|
CVE-2014-1320
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288852
|
- |
|
apple
|
mac_os_x
|
Power Management in Apple OS X 10.9.x through 10.9.2 allows physically proximate attackers to bypass an intended transition into the locked-screen state by touching (1) a key or (2) the trackpad duri…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1321
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288853
|
- |
|
apple
|
mac_os_x
|
Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers to cause a denial of service (abort and daemon exit) via ASN.1 data encountered in the Kerberos 5 protocol.
|
CWE-20
Improper Input Validation
|
CVE-2014-1316
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288854
|
- |
|
apple
|
mac_os_x
|
The Intel Graphics Driver in Apple OS X through 10.9.2 does not properly validate a certain pointer, which allows attackers to execute arbitrary code via a crafted application.
|
CWE-20
Improper Input Validation
|
CVE-2014-1318
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288855
|
- |
|
apple
|
mac_os_x
|
Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1319
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288856
|
- |
|
apple
|
mac_os_x
|
WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1314
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288857
|
- |
|
apple
|
mac_os_x
|
Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format st…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2014-1315
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288858
|
- |
|
apple
|
iphone_os
mac_os_x
mac_os_x_server
tvos
|
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1296
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288859
|
- |
|
apple
|
iphone_os
mac_os_x
tvos
|
Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation a…
|
CWE-287
Improper Authentication
|
CVE-2014-1295
|
2024-11-21 11:04 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288860
|
- |
|
carbonblack
|
carbon_black
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon Black before 4.1.0 allow remote attackers to hijack the authentication of administrators for requests that add new administrative …
|
CWE-352
Origin Validation Error
|
CVE-2014-1615
|
2024-11-21 11:04 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
