CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2014-4471
https://notcve.org/view.php?id=CVE-2014-4471
04 Dec 2014 — WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. WebKit, utilizado en Apple Safari anterior a 6.2.1, 7.xanterior a 7.1.1, y 8.x anterior a 8.0.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción ... • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2014-4472
https://notcve.org/view.php?id=CVE-2014-4472
04 Dec 2014 — WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. WebKit, utilizado en Apple Safari anterior a 6.2.1, 7.x anterior a 7.1.1, y 8.x anterior a 8.0.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción... • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2014-4473
https://notcve.org/view.php?id=CVE-2014-4473
04 Dec 2014 — WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. WebKit, utilizado en Apple Safari anterior a 6.2.1, 7.x anterior a 7.1.1, y 8.x anterior a 8.0.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción... • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2014-4452
https://notcve.org/view.php?id=CVE-2014-4452
18 Nov 2014 — WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462. WebKit, usado en Apple iOS anterior a 8.1.1 y Apple TV anterior a 7.0.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de la memoria y caída de la aplicación) a través de un sito web manipulado, u... • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 10%CPEs: 7EXPL: 0CVE-2014-4459
https://notcve.org/view.php?id=CVE-2014-4459
18 Nov 2014 — Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document. Una vulnerabilidad de uso después de liberación en WebKit, usado en Apple OS X anterior a 10.10.1, permite a atacantes ejecutar código arbitrario a través de objetos de página en un documento HTML. • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html •
CVSS: 8.8EPSS: 4%CPEs: 11EXPL: 0CVE-2014-3192 – chromium: use-after-free in DOM, fixed in Chrome 38.0.2125.101
https://notcve.org/view.php?id=CVE-2014-3192
08 Oct 2014 — Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en la función ProcessingInstruction::setXSLStyleSheet en core/dom/ProcessingInstruction.cpp en la implementación DOM en Blink, utilizado en Google... • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2014-4415
https://notcve.org/view.php?id=CVE-2014-4415
18 Sep 2014 — WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. WebKit, utilizado en Apple iOS anterior a 8 y Apple TV anterior a 7, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de la memoria y caída de l... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2014-4363
https://notcve.org/view.php?id=CVE-2014-4363
17 Sep 2014 — Safari in Apple iOS before 8 does not properly restrict the autofilling of passwords in forms, which allows remote attackers to obtain sensitive information via (1) an http web site, (2) an https web site with an unacceptable X.509 certificate, or (3) an IFRAME element. Safari en Apple iOS anterior a 8 no restringe debidamente el autocompletado de la contraseñas en formularios, lo que permite a atacantes remotos obtener información sensible a través de (1) un sitio web http, (2) un sitio web https con cerit... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html • CWE-255: Credentials Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2014-1384
https://notcve.org/view.php?id=CVE-2014-1384
14 Aug 2014 — WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. WebKit, utilizado en Apple Safari anterior a 6.1.6 y 7.x anterior a 7.0.6, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sit... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2014-1385
https://notcve.org/view.php?id=CVE-2014-1385
14 Aug 2014 — WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. WebKit, utilizado en Apple Safari anterior a 6.1.6 y 7.x anterior a 7.0.6, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sit... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •