
CVSS: 7.8 • EPSS: 0% • CPEs: 8 • EXPL: 0

13 Apr 2017 — Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges. • https://support.apple.com/en-us/HT4188 • CWE-20: Improper Input Validation

CVSS: 9.3 • EPSS: 0% • CPEs: 8 • EXPL: 0

13 Apr 2017 — Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image. • https://support.apple.com/en-us/HT4188 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

22 Mar 2016 — The Time Machine server in Server App in Apple OS X Server before 5.1 does not notify the user about ignored permissions during a backup, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading backup data that lacks intended restrictions. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html • CWE-284: Improper Access Control

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

22 Mar 2016 — Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request. OS X Server 5.1 is now available and addresses RC4 crypto w... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html • CWE-284: Improper Access Control

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

22 Mar 2016 — Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and address... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html • CWE-310: Cryptographic Issues

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

22 Mar 2016 — Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors. OS X Server 5.1 is now available and addresses RC4 crypto weaknesses, file access, and information disclosure vulnerabilities. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 9.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

21 Oct 2015 — The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP header configuration, which allows remote attackers to bypass intended access restrictions via unknown vectors. OS X Server 5.0.15 is now available and addresses BIND and ... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 10.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

18 Sep 2015 — Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document. OS X Server 5.0.3 is now available and addresses denial of service, code execution, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html

CVSS: 7.5 • EPSS: 94% • CPEs: 3 • EXPL: 0

03 Sep 2015 — openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response. New bind packag... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html • CWE-20: Improper Input Validation

CVSS: 7.8 • EPSS: 96% • CPEs: 3 • EXPL: 0

02 Sep 2015 — buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html • CWE-20: Improper Input Validation • CWE-617: Reachable Assertion