258831
|
- |
|
apple
|
iphone_os
|
SpringBoard Lock Screen in Apple iOS before 7.1 allows remote attackers to cause a denial of service (lock-screen hang) by leveraging a state-management error.
|
NVD-CWE-Other
|
CVE-2014-1286
|
2014-03-15 01:06 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258832
|
- |
|
apple
|
iphone_os
|
Per: https://cwe.mitre.org/data/definitions/361.html
"CWE-361: Time and State"
|
NVD-CWE-Other
|
CVE-2014-1286
|
2014-03-15 01:06 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258833
|
- |
|
apple
|
iphone_os
|
Springboard in Apple iOS before 7.1 allows physically proximate attackers to bypass intended access restrictions and read the home screen by leveraging an application crash during activation of an un…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1285
|
2014-03-15 00:57 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258834
|
- |
|
apple
|
iphone_os
|
Photos Backend in Apple iOS before 7.1 does not properly manage the asset-library cache during deletions, which allows physically proximate attackers to obtain sensitive photo data by launching the P…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1281
|
2014-03-15 00:50 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258835
|
- |
|
apple
|
iphone_os
|
IOKit HID Event in Apple iOS before 7.1 allows attackers to conduct user-action monitoring attacks against arbitrary apps via a crafted app that accesses an IOKit framework interface.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1276
|
2014-03-15 00:20 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258836
|
- |
|
apple
|
iphone_os
|
FaceTime in Apple iOS before 7.1 allows physically proximate attackers to obtain sensitive FaceTime contact information by using the lock screen for an invalid FaceTime call.
|
CWE-200
Information Exposure
|
CVE-2014-1274
|
2014-03-15 00:03 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258837
|
- |
|
kasseler-cms
|
kasseler-cms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection…
|
CWE-352
Origin Validation Error
|
CVE-2013-3729
|
2014-03-14 02:42 |
2014-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258838
|
- |
|
zldnn
|
dnnarticle
|
SQL injection vulnerability in the RSS page (DNNArticleRSS.aspx) in the ZLDNN DNNArticle module before 10.1 for DotNetNuke allows remote attackers to execute arbitrary SQL commands via the categoryid…
|
CWE-89
SQL Injection
|
CVE-2013-5117
|
2014-03-14 01:06 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258839
|
- |
|
dotnetnuke
|
dotnetnuke
|
Open redirect vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2013-7335
|
2014-03-14 00:56 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258840
|
- |
|
dotnetnuke
|
dotnetnuke
|
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Disp…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3943
|
2014-03-14 00:24 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|