Search Results (14587 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-1317 1 Apple 1 Mac Os X 2025-04-12 N/A
iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file.
CVE-2014-1353 1 Apple 1 Iphone Os 2025-04-12 N/A
Lock Screen in Apple iOS before 7.1.2 does not properly manage the telephony state in Airplane Mode, which allows physically proximate attackers to bypass the lock protection mechanism, and access a certain foreground application, via unspecified vectors.
CVE-2014-1372 1 Apple 1 Mac Os X 2025-04-12 N/A
Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations during processing of an unspecified system call, which allows local users to obtain sensitive information from kernel memory and bypass the ASLR protection mechanism via a crafted call.
CVE-2014-1375 1 Apple 1 Mac Os X 2025-04-12 N/A
Intel Graphics Driver in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.
CVE-2014-1370 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-12 N/A
The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2014-1369 1 Apple 1 Safari 2025-04-12 N/A
WebKit in Apple Safari before 6.1.5 and 7.x before 7.0.5 allows user-assisted remote attackers to access file: URLs by leveraging a URL drag operation that originates at a crafted web site.
CVE-2014-1371 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-12 N/A
Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message.
CVE-2014-4375 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.
CVE-2014-4377 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2014-4378 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document.
CVE-2014-4379 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application.
CVE-2014-4409 1 Apple 1 Iphone Os 2025-04-12 N/A
WebKit in Apple iOS before 8 makes it easier for remote attackers to track users during private browsing via a crafted web site that reads HTML5 application-cache data that had been stored during normal browsing.
CVE-2014-4410 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
CVE-2014-4447 1 Apple 1 Os X Server 2025-04-12 N/A
Profile Manager in Apple OS X Server before 4.0 allows local users to discover cleartext passwords by reading a file after a (1) profile setup or (2) profile edit occurs.
CVE-2014-4460 1 Apple 2 Iphone Os, Mac Os X 2025-04-12 N/A
CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files.
CVE-2014-4461 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
CVE-2014-4462 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4452.
CVE-2014-4463 1 Apple 1 Iphone Os 2025-04-12 N/A
Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature.
CVE-2014-4465 1 Apple 3 Iphone Os, Safari, Tvos 2025-04-12 N/A
WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element.
CVE-2014-5030 3 Apple, Canonical, Redhat 3 Cups, Ubuntu Linux, Enterprise Linux 2025-04-12 N/A
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.