Vulnerabilities > Apple > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-05-22 | CVE-2014-1330 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | 6.8 |
2014-05-22 | CVE-2014-1329 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | 6.8 |
2014-05-22 | CVE-2014-1327 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | 6.8 |
2014-05-22 | CVE-2014-1326 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | 6.8 |
2014-05-22 | CVE-2014-1324 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | 6.8 |
2014-05-22 | CVE-2014-1323 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | 6.8 |
2014-05-19 | CVE-2013-7040 | Cryptographic Issues vulnerability in multiple products Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. | 4.3 |
2014-05-18 | CVE-2014-1347 | Permissions, Privileges, and Access Controls vulnerability in Apple Itunes Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary user accounts, via standard filesystem operations. | 4.4 |
2014-05-14 | CVE-2014-0521 | Information Exposure vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document. | 4.3 |
2014-04-23 | CVE-2014-1322 | Information Exposure vulnerability in Apple mac OS X The kernel in Apple OS X through 10.9.2 places a kernel pointer into an XNU object data structure accessible from user space, which makes it easier for local users to bypass the ASLR protection mechanism by reading an unspecified attribute of the object. | 4.9 |