| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-2736 | 7.5 |
Multiple SQL injection vulnerabilities in MODX Revolution before 2.2.14 allow remote attackers to execute arbitrary SQL commands via the (1) session ID (PHPSESSID) to index.php or remote authenticated users to execute arbitrary SQL commands via the (
|
22-10-2019 - 17:23 | 24-04-2014 - 14:55 | |
| CVE-2014-4363 | 5.0 |
Safari in Apple iOS before 8 does not properly restrict the autofilling of passwords in forms, which allows remote attackers to obtain sensitive information via (1) an http web site, (2) an https web site with an unacceptable X.509 certificate, or (3
|
16-07-2019 - 12:20 | 18-09-2014 - 10:55 | |
| CVE-2014-4377 | 6.8 |
Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
|
08-03-2019 - 16:06 | 18-09-2014 - 10:55 | |
| CVE-2019-0267 | 6.8 |
SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, (Illuminator Servlet) currently does not provide Anti-XSRF tokens. This might lead to XSRF attacks in case the data is being posted to the Servlet from an external applicat
|
20-02-2019 - 15:06 | 15-02-2019 - 18:29 | |
| CVE-2006-1075 | 7.5 |
Format string vulnerability in the visualization function in Jason Boettcher Liero Xtreme 0.62b and earlier allows remote attackers to execute arbitrary code via format string specifiers in (1) a nickname, (2) a dedicated server name, or (3) a mapnam
|
18-10-2018 - 16:30 | 09-03-2006 - 00:02 | |
| CVE-2007-6581 | 6.4 |
Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the global_lang parameter to (1) header_album.php, (2) header_blog.php, or (3) header_group.ph
|
29-09-2017 - 01:30 | 28-12-2007 - 21:46 | |
| CVE-2014-4390 | 9.3 |
Bluetooth in Apple OS X before 10.9.5 does not properly validate API calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
|
29-08-2017 - 01:34 | 19-09-2014 - 10:55 | |
| CVE-2014-4374 | 5.0 |
NSXMLParser in Foundation in Apple iOS before 8 allows attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. <a href="http://cw
|
29-08-2017 - 01:34 | 18-09-2014 - 10:55 | |
| CVE-2014-4350 | 6.8 |
Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIDI file.
|
29-08-2017 - 01:34 | 19-09-2014 - 10:55 | |
| CVE-2014-4376 | 10.0 |
IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted API arguments. <a href="http:
|
29-08-2017 - 01:34 | 19-09-2014 - 10:55 | |
| CVE-2014-1391 | 6.8 |
QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.
|
29-08-2017 - 01:34 | 19-09-2014 - 10:55 | |
| CVE-2003-1414 | 4.3 |
Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter.
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 |