Search

Search Results (363638 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-1270 1 Apple 4 Mac Os X, Mac Os X Server, Safari and 1 more 2025-04-12 N/A
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269.
CVE-2014-1273 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library.
CVE-2014-1274 1 Apple 1 Iphone Os 2025-04-12 N/A
FaceTime in Apple iOS before 7.1 allows physically proximate attackers to obtain sensitive FaceTime contact information by using the lock screen for an invalid FaceTime call.
CVE-2014-1275 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
Buffer overflow in ImageIO in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document.
CVE-2014-1276 1 Apple 1 Iphone Os 2025-04-12 N/A
IOKit HID Event in Apple iOS before 7.1 allows attackers to conduct user-action monitoring attacks against arbitrary apps via a crafted app that accesses an IOKit framework interface.
CVE-2014-1279 1 Apple 1 Tvos 2025-04-12 N/A
Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data.
CVE-2014-1280 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
Video Driver in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to cause a denial of service (NULL pointer dereference and device hang) via a crafted video file with MPEG-4 encoding.
CVE-2014-1282 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
The Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass intended configuration-profile visibility requirements via a long name.
CVE-2014-1287 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages.
CVE-2014-1289 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294.
CVE-2014-1291 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294.
CVE-2014-1293 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1294.
CVE-2014-1294 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1293.
CVE-2014-1296 1 Apple 4 Iphone Os, Mac Os X, Mac Os X Server and 1 more 2025-04-12 N/A
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction.
CVE-2014-1377 1 Apple 1 Mac Os X 2025-04-12 N/A
Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application.
CVE-2014-1295 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack."
CVE-2014-1300 1 Apple 2 Mac Os X, Safari 2025-04-12 N/A
Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014.
CVE-2014-1303 1 Apple 1 Safari 2025-04-12 N/A
Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014.
CVE-2014-1304 1 Apple 1 Safari 2025-04-12 N/A
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
CVE-2014-0891 1 Ibm 1 Websphere Application Server 2025-04-12 N/A
IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information by leveraging incorrect request handling by the (1) Proxy or (2) ODR server.