The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999.
Max CVSS
7.5
EPSS Score
2.27%
Published
2014-02-07
Updated
2017-08-29
The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.
Max CVSS
10.0
EPSS Score
0.83%
Published
2014-02-06
Updated
2020-08-21
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
Max CVSS
10.0
EPSS Score
7.55%
Published
2014-02-06
Updated
2020-08-07
RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.
Max CVSS
9.3
EPSS Score
2.03%
Published
2014-02-06
Updated
2020-08-11
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors.
Max CVSS
10.0
EPSS Score
0.92%
Published
2014-02-06
Updated
2020-08-21
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Max CVSS
9.8
EPSS Score
1.26%
Published
2014-02-06
Updated
2020-08-07
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269.
Max CVSS
6.8
EPSS Score
1.06%
Published
2014-02-27
Updated
2016-12-08
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270.
Max CVSS
6.8
EPSS Score
1.06%
Published
2014-02-27
Updated
2016-12-08
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270.
Max CVSS
6.8
EPSS Score
1.18%
Published
2014-02-27
Updated
2016-12-08
Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font.
Max CVSS
7.5
EPSS Score
0.74%
Published
2014-02-27
Updated
2014-02-27
QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
Max CVSS
6.8
EPSS Score
0.99%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename.
Max CVSS
6.8
EPSS Score
0.10%
Published
2014-02-27
Updated
2014-03-10
Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image.
Max CVSS
6.8
EPSS Score
1.18%
Published
2014-02-27
Updated
2014-02-27
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document.
Max CVSS
6.8
EPSS Score
0.99%
Published
2014-02-27
Updated
2014-02-27
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted clef atom in a movie file.
Max CVSS
9.3
EPSS Score
9.60%
Published
2014-02-27
Updated
2015-10-21
Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file.
Max CVSS
9.3
EPSS Score
0.64%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image.
Max CVSS
9.3
EPSS Score
1.06%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file.
Max CVSS
9.3
EPSS Score
1.06%
Published
2014-02-27
Updated
2014-03-10
Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file.
Max CVSS
9.3
EPSS Score
3.30%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file.
Max CVSS
9.3
EPSS Score
4.86%
Published
2014-02-27
Updated
2014-02-27
Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file.
Max CVSS
9.3
EPSS Score
3.65%
Published
2014-02-27
Updated
2014-03-10
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
Max CVSS
9.3
EPSS Score
5.08%
Published
2014-02-27
Updated
2015-10-21
Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file.
Max CVSS
9.3
EPSS Score
3.03%
Published
2014-02-27
Updated
2014-02-27

CVE-2014-0980

Public exploit
Buffer overflow in Poster Software PUBLISH-iT 3.6d allows remote attackers to execute arbitrary code via a crafted PUI file.
Max CVSS
9.3
EPSS Score
96.23%
Published
2014-02-11
Updated
2018-10-09
Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014.
Max CVSS
10.0
EPSS Score
41.00%
Published
2014-02-21
Updated
2018-12-13
80 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!