CVE-2017-7137
https://notcve.org/view.php?id=CVE-2017-7137
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. Se ha descubierto un problema en ciertos productos Apple.. • http://www.securityfocus.com/bid/100894 http://www.securitytracker.com/id/1039386 https://support.apple.com/HT208103 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-7529 – nginx: Integer overflow in nginx range filter module leading to memory disclosure
https://notcve.org/view.php?id=CVE-2017-7529
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. Las versiones desde la 0.5.6 hasta 1.13.2 incluyéndola de Nginx, son susceptibles a una vulnerabilidad de desbordamiento de enteros en el módulo filtro de rango de nginx, resultando en un filtrado de información potencialmente confidencial activada por una petición especialmente creada. A flaw within the processing of ranged HTTP requests has been discovered in the range filter module of nginx. A remote attacker could possibly exploit this flaw to disclose parts of the cache file header, or, if used in combination with third party modules, disclose potentially sensitive memory by sending specially crafted HTTP requests. • https://github.com/liusec/CVE-2017-7529 https://github.com/MaxSecurity/CVE-2017-7529-POC https://github.com/Shehzadcyber/CVE-2017-7529 https://github.com/SirEagIe/CVE-2017-7529 https://github.com/cyberk1w1/CVE-2017-7529 https://github.com/cyberharsh/nginx-CVE-2017-7529 https://github.com/coolman6942o/-Exploit-CVE-2017-7529 https://github.com/fu2x2000/CVE-2017-7529-Nginx---Remote-Integer-Overflow-Exploit http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html http: • CWE-190: Integer Overflow or Wraparound •
CVE-2016-4705
https://notcve.org/view.php?id=CVE-2016-4705
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704. otool en Apple Xcode en versiones anteriores a 8 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4704. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00003.html http://www.securityfocus.com/bid/92931 http://www.securitytracker.com/id/1036787 https://support.apple.com/HT207140 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-4704
https://notcve.org/view.php?id=CVE-2016-4704
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4705. otool en Apple Xcode en versiones anteriores a 8 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4705. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00003.html http://www.securityfocus.com/bid/92931 http://www.securitytracker.com/id/1036787 https://support.apple.com/HT207140 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-1765
https://notcve.org/view.php?id=CVE-2016-1765
otool in Apple Xcode before 7.3 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors. otool en Apple Xcode en versiones anteriores a 7.3 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html http://www.securitytracker.com/id/1035352 https://support.apple.com/HT206172 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •