Total
5271 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-1489 | 6 Canonical, Mozilla, Opensuse and 3 more | 8 Ubuntu Linux, Firefox, Opensuse and 5 more | 2026-06-17 | 4.3 MEDIUM | N/A |
| Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site. | |||||
| CVE-2014-1476 | 1 Drupal | 1 Drupal | 2026-06-17 | 4.0 MEDIUM | N/A |
| The Taxonomy module in Drupal 7.x before 7.26, when upgraded from an earlier version of Drupal, does not properly restrict access to unpublished content, which allows remote authenticated users to obtain sensitive information via a listing page. | |||||
| CVE-2014-1438 | 1 Linux | 1 Linux Kernel | 2026-06-17 | 4.7 MEDIUM | N/A |
| The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application. | |||||
| CVE-2014-1425 | 2 Canonical, Linuxcontainers | 2 Ubuntu Linux, Cgmanager | 2026-06-17 | 2.1 LOW | N/A |
| cmanager 0.32 does not properly enforce nesting when modifying cgroup properties, which allows local users to set cgroup values for all cgroups via unspecified vectors. | |||||
| CVE-2014-1424 | 2 Canonical, Ubuntu | 2 Ubuntu, Apparmor | 2026-06-17 | 6.4 MEDIUM | N/A |
| apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows attackers to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw." | |||||
| CVE-2014-1421 | 1 Canonical | 1 Ubuntu Linux | 2026-06-17 | 7.2 HIGH | N/A |
| mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors. | |||||
| CVE-2014-1402 | 1 Pocoo | 1 Jinja2 | 2026-06-17 | 4.4 MEDIUM | N/A |
| The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp. | |||||
| CVE-2014-1383 | 1 Apple | 1 Tvos | 2026-06-17 | 5.5 MEDIUM | N/A |
| Apple TV before 6.1.2 allows remote authenticated users to bypass an intended password requirement for iTunes Store purchase transactions via unspecified vectors. | |||||
| CVE-2014-1381 | 1 Apple | 1 Mac Os X | 2026-06-17 | 10.0 HIGH | N/A |
| Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOThunderBoltController API calls, which allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted call. | |||||
| CVE-2014-1380 | 1 Apple | 1 Mac Os X | 2026-06-17 | 2.6 LOW | N/A |
| The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input. | |||||
| CVE-2014-1378 | 1 Apple | 1 Mac Os X | 2026-06-17 | 2.1 LOW | N/A |
| IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object. | |||||
| CVE-2014-1376 | 1 Apple | 1 Mac Os X | 2026-06-17 | 10.0 HIGH | N/A |
| Intel Compute in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenCL API call, which allows attackers to execute arbitrary code via a crafted application. | |||||
| CVE-2014-1375 | 1 Apple | 1 Mac Os X | 2026-06-17 | 2.1 LOW | N/A |
| Intel Graphics Driver in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object. | |||||
| CVE-2014-1373 | 1 Apple | 1 Mac Os X | 2026-06-17 | 10.0 HIGH | N/A |
| Intel Graphics Driver in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenGL API call, which allows attackers to execute arbitrary code via a crafted application. | |||||
| CVE-2014-1372 | 1 Apple | 1 Mac Os X | 2026-06-17 | 4.9 MEDIUM | N/A |
| Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations during processing of an unspecified system call, which allows local users to obtain sensitive information from kernel memory and bypass the ASLR protection mechanism via a crafted call. | |||||
| CVE-2014-1353 | 1 Apple | 1 Iphone Os | 2026-06-17 | 3.6 LOW | N/A |
| Lock Screen in Apple iOS before 7.1.2 does not properly manage the telephony state in Airplane Mode, which allows physically proximate attackers to bypass the lock protection mechanism, and access a certain foreground application, via unspecified vectors. | |||||
| CVE-2014-1352 | 1 Apple | 1 Iphone Os | 2026-06-17 | 1.9 LOW | N/A |
| Lock Screen in Apple iOS before 7.1.2 does not properly enforce the limit on failed passcode attempts, which makes it easier for physically proximate attackers to conduct brute-force passcode-guessing attacks via unspecified vectors. | |||||
| CVE-2014-1351 | 1 Apple | 1 Iphone Os | 2026-06-17 | 3.6 LOW | N/A |
| Siri in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended lock-screen passcode requirement, and read a contact list, via a Siri request that refers to a contact ambiguously. | |||||
| CVE-2014-1350 | 1 Apple | 1 Iphone Os | 2026-06-17 | 4.6 MEDIUM | N/A |
| Settings in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended iCloud password requirement, and turn off the Find My iPhone service, by leveraging incorrect state management. | |||||
| CVE-2014-1347 | 1 Apple | 2 Itunes, Mac Os X | 2026-06-17 | 4.4 MEDIUM | N/A |
| Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary user accounts, via standard filesystem operations. | |||||
