CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2014(Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1001 CVE-2014-1325 119 DoS Exec Code Overflow Mem. Corr. 2014-07-01 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
1002 CVE-2014-1324 119 DoS Exec Code Overflow Mem. Corr. 2014-05-22 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
1003 CVE-2014-1323 119 DoS Exec Code Overflow Mem. Corr. 2014-05-22 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
1004 CVE-2014-1319 119 DoS Exec Code Overflow 2014-04-23 2014-04-23
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
1005 CVE-2014-1318 20 Exec Code 2014-04-23 2014-04-23
10.0
None Remote Low Not required Complete Complete Complete
The Intel Graphics Driver in Apple OS X through 10.9.2 does not properly validate a certain pointer, which allows attackers to execute arbitrary code via a crafted application.
1006 CVE-2014-1315 134 DoS Exec Code 2014-04-23 2014-04-23
6.8
None Remote Medium Not required Partial Partial Partial
Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a URL.
1007 CVE-2014-1314 264 Exec Code Bypass 2014-04-23 2014-04-24
10.0
None Remote Low Not required Complete Complete Complete
WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application.
1008 CVE-2014-1313 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1009 CVE-2014-1312 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1010 CVE-2014-1311 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1011 CVE-2014-1310 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1012 CVE-2014-1309 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1013 CVE-2014-1308 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1014 CVE-2014-1307 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1015 CVE-2014-1305 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1016 CVE-2014-1304 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1017 CVE-2014-1303 119 Exec Code Overflow Bypass 2014-03-26 2016-12-08
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014.
1018 CVE-2014-1302 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1019 CVE-2014-1301 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-22
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1020 CVE-2014-1300 Exec Code 2014-03-26 2016-12-08
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014.
1021 CVE-2014-1299 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1022 CVE-2014-1298 119 DoS Exec Code Overflow Mem. Corr. 2014-04-02 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
1023 CVE-2014-1294 119 DoS Exec Code Overflow Mem. Corr. 2014-03-14 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1293.
1024 CVE-2014-1293 119 DoS Exec Code Overflow Mem. Corr. 2014-03-14 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1294.
1025 CVE-2014-1292 119 DoS Exec Code Overflow Mem. Corr. 2014-03-14 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1293, and CVE-2014-1294.
1026 CVE-2014-1291 119 DoS Exec Code Overflow Mem. Corr. 2014-03-14 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294.
1027 CVE-2014-1290 119 DoS Exec Code Overflow Mem. Corr. 2014-03-14 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294.
1028 CVE-2014-1289 119 DoS Exec Code Overflow Mem. Corr. 2014-03-14 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294.
1029 CVE-2014-1287 119 DoS Exec Code Overflow Mem. Corr. 2014-03-14 2019-03-08
7.2
None Local Low Not required Complete Complete Complete
USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages.
1030 CVE-2014-1275 119 DoS Exec Code Overflow 2014-03-14 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in ImageIO in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document.
1031 CVE-2014-1270 119 DoS Exec Code Overflow Mem. Corr. 2014-02-27 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269.
1032 CVE-2014-1269 119 DoS Exec Code Overflow Mem. Corr. 2014-02-27 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270.
1033 CVE-2014-1268 119 DoS Exec Code Overflow Mem. Corr. 2014-02-27 2016-12-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270.
1034 CVE-2014-1261 189 DoS Exec Code 2014-02-27 2014-02-27
7.5
None Remote Low Not required Partial Partial Partial
Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font.
1035 CVE-2014-1260 119 DoS Exec Code Overflow Mem. Corr. 2014-02-27 2014-03-10
6.8
None Remote Medium Not required Partial Partial Partial
QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
1036 CVE-2014-1259 119 DoS Exec Code Overflow 2014-02-27 2014-03-10
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename.
1037 CVE-2014-1258 119 DoS Exec Code Overflow 2014-02-27 2014-02-27
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image.
1038 CVE-2014-1254 119 DoS Exec Code Overflow Mem. Corr. 2014-02-27 2014-02-27
6.8
None Remote Medium Not required Partial Partial Partial
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document.
1039 CVE-2014-1252 415 DoS Exec Code 2014-01-24 2017-08-29
7.5
None Remote Low Not required Partial Partial Partial
Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file.
1040 CVE-2014-1251 119 DoS Exec Code Overflow 2014-02-27 2015-10-21
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file.
1041 CVE-2014-1250 119 DoS Exec Code Overflow 2014-02-27 2014-03-10
9.3
None Remote Medium Not required Complete Complete Complete
Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file.
1042 CVE-2014-1249 119 DoS Exec Code Overflow 2014-02-27 2014-03-10
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image.
1043 CVE-2014-1248 119 DoS Exec Code Overflow 2014-02-27 2014-03-10
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file.
1044 CVE-2014-1247 119 DoS Exec Code Overflow Mem. Corr. 2014-02-27 2014-03-10
9.3
None Remote Medium Not required Complete Complete Complete
Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file.
1045 CVE-2014-1246 119 DoS Exec Code Overflow 2014-02-27 2014-02-27
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file.
1046 CVE-2014-1245 189 DoS Exec Code 2014-02-27 2014-03-10
9.3
None Remote Medium Not required Complete Complete Complete
Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file.
1047 CVE-2014-1244 119 DoS Exec Code Overflow 2014-02-27 2015-10-21
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
1048 CVE-2014-1243 119 DoS Exec Code Overflow 2014-02-27 2014-02-27
9.3
None Remote Medium Not required Complete Complete Complete
Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file.
1049 CVE-2014-1216 1 Exec Code 2014-04-22 2014-04-22
7.5
None Remote Low Not required Partial Partial Partial
FitNesse Wiki 20131110, 20140201, and earlier allows remote attackers to execute arbitrary commands by defining a COMMAND_PATTERN and TEST_RUNNER in the pageContent parameter when editing a page.
1050 CVE-2014-1206 89 1 Exec Code Sql 2014-01-15 2018-10-09
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base.passwordResetRequest action to index.php.
Total number of vulnerabilities : 1572   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 (This Page)22 23 24 25 26 27 28 29 30 31 32
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.