259571
|
- |
|
apple
|
iphone_os
|
The Sandbox subsystem in Apple iOS before 7 determines the sandboxing requirement for a #! application on the basis of the script interpreter instead of the script, which allows attackers to bypass i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5154
|
2013-10-26 01:58 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259572
|
- |
|
apple
|
iphone_os
|
The Push Notifications subsystem in Apple iOS before 7 provides the push-notification token to an app without user approval, which allows attackers to obtain sensitive information via an app that emp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5149
|
2013-10-26 01:56 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259573
|
- |
|
apple
|
iphone_os
|
The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK pa…
|
CWE-255
Credentials Management
|
CVE-2013-4616
|
2013-10-26 01:37 |
2013-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259574
|
- |
|
sap
|
erp_central_component
|
Multiple unspecified vulnerabilities in the CJDB_FILL_MEMORY_FROM_PPB function in the Project System (PS-IS) module for SAP ERP Central Component (ECC) allow remote attackers to execute arbitrary cod…
|
CWE-94
Code Injection
|
CVE-2013-3244
|
2013-10-26 00:18 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259575
|
- |
|
redhat
|
jboss_operations_network
|
The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs passwords in plaintext, which allows local users to obtain sensitive information by reading the log files.
|
CWE-310
Cryptographic Issues
|
CVE-2013-4293
|
2013-10-25 23:33 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259576
|
- |
|
apache
|
sling sling_auth_core_component
|
Open redirect vulnerability in the AbstractAuthenticationFormServlet in the Auth Core (org.apache.sling.auth.core) bundle before 1.1.4 in Apache Sling allows remote attackers to redirect users to arb…
|
CWE-20
Improper Input Validation
|
CVE-2013-4390
|
2013-10-25 23:30 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259577
|
- |
|
apple
|
mac_os_x
|
socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 does not properly implement the --blockApp option, which allows remote attackers to bypass intended access restrictions via a netw…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5165
|
2013-10-25 09:10 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259578
|
- |
|
apple
|
mac_os_x
|
CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physically proximate attackers to o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5169
|
2013-10-25 09:09 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259579
|
- |
|
apple
|
mac_os_x
|
The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy exclusive access for processing of large requests, which allows local users to cause a denial of service (temp…
|
CWE-310
Cryptographic Issues
|
CVE-2013-5173
|
2013-10-25 09:04 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259580
|
- |
|
apple
|
mac_os_x
|
The kernel in Apple Mac OS X before 10.9 allows local users to obtain sensitive information or cause a denial of service (out-of-bounds read and system crash) via a crafted Mach-O file.
|
CWE-20
Improper Input Validation
|
CVE-2013-5175
|
2013-10-25 09:02 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|