Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-1378

Malware in sbrugna...

10CVSS9.1AI score0.05512EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:31 a.m.5 views

SUSE CVE-2014-0506

Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remo...

10CVSS7.8AI score0.0761EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:31 a.m.4 views

SUSE CVE-2014-1300

Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014...

10CVSS9.5AI score0.05512EPSS
Exploits1References3
NVD
NVD
added 2014/04/27 10:55 a.m.19 views

CVE-2014-1766

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. NOTE: the original disclosure...

9.3CVSS7.7AI score0.33293EPSS
Exploits0References5
NVD
NVD
added 2014/04/27 10:55 a.m.19 views

CVE-2014-1764

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014...

10CVSS7.5AI score0.37373EPSS
Exploits0References6
Prion
Prion
added 2014/04/27 10:55 a.m.17 views

Memory corruption

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. NOTE: the original disclosure...

9.3CVSS8.1AI score0.33293EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/04/27 10:55 a.m.19 views

Design/Logic Flaw

Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014...

7.6CVSS8.2AI score0.1565EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/04/27 10:55 a.m.30 views

Design/Logic Flaw

Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via unknown vectors, as demonstrated by ZDI during a Pwn4Fun competition at CanSecWest 2014...

7.5CVSS8.1AI score0.70727EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/04/27 10:55 a.m.16 views

Design/Logic Flaw

Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014...

10CVSS8.1AI score0.22558EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2014/04/27 10:0 a.m.72 views

CVE-2014-1766

CVE-2014-1766 affects Microsoft Internet Explorer 9–11. The issue enables remote code execution/memory corruption via a crafted web page, as demonstrated by researchers during Pwn2Own. The public-facing fix is MS14-035 (security update for Internet Explorer), with related patches such as KB296926...

9.3CVSS7.7AI score0.33293EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2014/04/27 10:0 a.m.24 views

CVE-2014-1766

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. NOTE: the original disclosure...

7.6AI score0.33293EPSS
Exploits0References5
CVE
CVE
added 2014/04/27 10:0 a.m.55 views

CVE-2014-1763

CVE-2014-1763 is a use-after-free vulnerability in Microsoft Internet Explorer 9–11 exploited via CSS handling (notably CSS @import) that could allow remote code execution. ZDI-14-217 documents a CSS memory corruption flaw in IE10/IE11/IE9, demonstrated by VUPEN during Pwn2Own 2014, with remote e...

10CVSS7.7AI score0.22558EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2014/04/27 10:0 a.m.64 views

CVE-2014-1765

CVE-2014-1765 refers to multiple use-after-free vulnerabilities in Microsoft Internet Explorer (IE) versions 6–11 that can lead to remote code execution when a user visits a malicious page or when a crafted document is opened. The ZDI advisories (ZDI-14-261 and ZDI-14-223) describe concrete use-a...

7.6CVSS7.7AI score0.1565EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2014/04/27 10:0 a.m.42 views

CVE-2014-1762

Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via unknown vectors, as demonstrated by ZDI during a Pwn4Fun competition at CanSecWest 2014...

7.5AI score0.70727EPSS
Exploits0References5
CVE
CVE
added 2014/04/27 10:0 a.m.58 views

CVE-2014-1764

CVE-2014-1764 affects Microsoft Internet Explorer 7–11. The issue is an object confusion vulnerability in the data exchanged between the broker and sandboxed processes, allowing a sandboxed process to execute code in the broker context and bypass IE Protected Mode. This can lead to remote code ex...

10CVSS7.7AI score0.37373EPSS
Exploits0References6Affected Software1
RedHat Linux
RedHat Linux
added 2014/04/09 8:45 a.m.4 views

flash-plugin: two flaws leading to code execution (APSB14-09)

Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remo...

10CVSS6.1AI score0.0761EPSS
Exploits1References5
Prion
Prion
added 2014/03/27 10:55 a.m.20 views

Heap overflow

Heap-based buffer overflow in Adobe Reader 11.0.06 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014...

10CVSS8.6AI score0.09209EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2014/03/27 10:0 a.m.25 views

CVE-2014-0506

Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remo...

7.3AI score0.0761EPSS
Exploits1References8
CVE
CVE
added 2014/03/27 10:0 a.m.84 views

CVE-2014-0510

CVE-2014-0510 involves a heap-based buffer overflow in Adobe Flash Player 12.0.0.77 . The issue allows remote code execution and can bypass sandbox protections via unspecified vectors, as demonstrated by researchers during a Pwn2Own/CanSecWest 2014 event. Affected product is Flash Player (version...

10CVSS8.2AI score0.08486EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2014/03/27 10:0 a.m.90 views

CVE-2014-0506

Technical details about CVE-2014-0506 are not publicly provided in the supplied documents. The sources reference the vulnerability but do not include specifics on impact, affected products beyond Flash Player/AIR, or remediation. Monitor for updates.

10CVSS7.5AI score0.0761EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder