Vulnerabilities > Apple
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-04-02 | CVE-2014-1302 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | 6.8 |
2014-04-02 | CVE-2014-1301 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes and Safari WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | 6.8 |
2014-04-02 | CVE-2014-1299 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | 6.8 |
2014-04-02 | CVE-2014-1298 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | 6.8 |
2014-04-02 | CVE-2014-1297 | Improper Input Validation vulnerability in Apple Safari WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not properly validate WebProcess IPC messages, which allows remote attackers to bypass a sandbox protection mechanism and read arbitrary files by leveraging WebProcess access. | 5.0 |
2014-03-31 | CVE-2014-0067 | Permissions, Privileges, and Access Controls vulnerability in multiple products The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster. | 4.6 |
2014-03-26 | CVE-2014-1303 | Buffer Errors vulnerability in Apple Safari 7.0.2 Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014. | 10.0 |
2014-03-26 | CVE-2014-1300 | Memory Corruption vulnerability in Apple Safari 7.0.2 Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014. | 10.0 |
2014-03-14 | CVE-2014-1294 | Buffer Errors vulnerability in Apple Iphone OS and Tvos WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1293. | 6.8 |
2014-03-14 | CVE-2014-1293 | Buffer Errors vulnerability in Apple Iphone OS and Tvos WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1294. | 6.8 |