CVSS: 8.8EPSS: 10%CPEs: 7EXPL: 0CVE-2014-4459
https://notcve.org/view.php?id=CVE-2014-4459
18 Nov 2014 — Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document. Una vulnerabilidad de uso después de liberación en WebKit, usado en Apple OS X anterior a 10.10.1, permite a atacantes ejecutar código arbitrario a través de objetos de página en un documento HTML. • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html •
CVSS: 8.8EPSS: 4%CPEs: 11EXPL: 0CVE-2014-3192 – chromium: use-after-free in DOM, fixed in Chrome 38.0.2125.101
https://notcve.org/view.php?id=CVE-2014-3192
08 Oct 2014 — Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en la función ProcessingInstruction::setXSLStyleSheet en core/dom/ProcessingInstruction.cpp en la implementación DOM en Blink, utilizado en Google... • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2014-1347
https://notcve.org/view.php?id=CVE-2014-1347
18 May 2014 — Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary user accounts, via standard filesystem operations. Apple iTunes anterior a 11.2.1 en OS X configura permisos de lectura universal para /Users y /Users/Shared durante reinicios, lo que permite a usuarios locales modificar archivos, y como consecuencia obtener acceso a cuentas de usuarios arbitrarios, a través de o... • http://support.apple.com/kb/HT6251 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2014-1301
https://notcve.org/view.php?id=CVE-2014-1301
02 Apr 2014 — WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. WebKit, utilizado en Apple Safari anterior a 6.1.3 y 7.x anterior a 7.0.3, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a trav... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1242
https://notcve.org/view.php?id=CVE-2014-1242
23 Jan 2014 — Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, which allows man-in-the-middle attackers to spoof content by gaining control over the client-server data stream. Apple iTunes anterior a la versión 11.1.4 utiliza HTTP para la ventana iTunes Tutorials, lo que permite a atacantes man-in-the-middle falsificar contenido, tomando el control sobre el flujo de datos del cliente-servidor. • http://osvdb.org/102410 • CWE-310: Cryptographic Issues •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2013-5195
https://notcve.org/view.php?id=CVE-2013-5195
18 Dec 2013 — WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. WebKit, de la manera en que se utiliza en Apple Safari anteriores a 6.1.1 y 7.x anteriores a 7.0.1, permite a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria y caída ... • http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2013-5196
https://notcve.org/view.php?id=CVE-2013-5196
18 Dec 2013 — WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. WebKit, de la manera en que se utiliza en Apple Safari anteriores a 6.1.1 y 7.x anteriores a 7.0.1, permite a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria y caída ... • http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2013-5197
https://notcve.org/view.php?id=CVE-2013-5197
18 Dec 2013 — WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. WebKit, de la manera en que se utiliza en Apple Safari anteriores a 6.1.1 y 7.x anteriores a 7.0.1, permite a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria y caída ... • http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2013-5198
https://notcve.org/view.php?id=CVE-2013-5198
18 Dec 2013 — WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. WebKit, de la manera en que se utiliza en Apple Safari anteriores a 6.1.1 y 7.x anteriores a 7.0.1, permite a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria y caída ... • http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2013-5225
https://notcve.org/view.php?id=CVE-2013-5225
18 Dec 2013 — WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. WebKit, de la manera en que se utiliza en Apple Safari anteriores a 6.1.1 y 7.x anteriores a 7.0.1, permite a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria y caída ... • http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •