813 results (0.014 seconds)

CVSS: 9.3EPSS: 1%CPEs: 8EXPL: 0

Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image. El desbordamiento de búfer en ImageIO en Apple Mac OS X 10.6 a 10.6.3 y Mac OS X Server 10.6 a 10.6.3 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio a través de una imagen manipulada. • https://support.apple.com/en-us/HT4188 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges. Apple Mac OS X 10.6 a 10.6.3 y Mac OS X Server 10.6 a 10.6.3 permite a los usuarios locales obtener privilegios del sistema. • https://support.apple.com/en-us/HT4188 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. Web Server en Apple OS X Server en versiones anteriores a 5.1 soporta el algoritmo RC4, lo que facilita a atacantes remotos vencer los mecanismos de protección criptográfica a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html http://www.securityfocus.com/bid/85054 http://www.securitytracker.com/id/1035342 https://support.apple.com/HT206173 • CWE-310: Cryptographic Issues •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors. Wiki Server en Apple OS X Server en versiones anteriores a 5.1 permite a atacantes remotos obtener información sensible de páginas Wiki a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html http://www.securityfocus.com/bid/85054 http://www.securitytracker.com/id/1035342 https://support.apple.com/HT206173 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

The Time Machine server in Server App in Apple OS X Server before 5.1 does not notify the user about ignored permissions during a backup, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading backup data that lacks intended restrictions. El servidor Time Machine en Server App en Apple OS X Server en versiones anteriores a 5.1 no notifica al usuario sobre los permisos ignorados durante la realización de una copia de seguridad, lo que facilita a atacantes remotos obtener información sensible en circunstancias oportunistas leyendo los datos de la copia de seguridad que carecen de las restricciones previstas. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html http://www.securityfocus.com/bid/85054 http://www.securitytracker.com/id/1035342 https://support.apple.com/HT206173 • CWE-284: Improper Access Control •