Page 108 of 541 results (0.015 seconds)

CVSS: 6.8EPSS: 2%CPEs: 22EXPL: 0

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154. WebKit, utilizado en Apple Safari anterior a 6.2.6, 7.x anterior a 7.1.6, y 8.x anterior a 8.0.6, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2015-1152 y CVE-2015-1154. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://lists.apple.com/archives/security-announce/2015/May/msg00000.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html http://support.apple.com/kb/HT204941 http://www.securityfocus.com/bid/74523 http://www.securitytracker.com/id/1032270 http://www. •

CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 3

The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text. La función resolveImplicitLevels en common/ubidi.c en la implementación Unicode Bidirectional Algorithm en ICU4C en International Components for Unicode (ICU) anterior a 55.1 no rastrea correctamente trozos de texto aislados direccionalmente, lo que permite a atacantes remotos causar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica) o posiblemente ejecutar código arbitrario a través de texto manipulado. • https://www.exploit-db.com/exploits/43887 http://bugs.icu-project.org/trac/changeset/37162 http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://openwall.com/lists/oss-security/2015/05/05/6 http://seclists.org/fulldisclosure/2015/May/14 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0

WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462. WebKit, usado en Apple iOS anterior a 8.1.1 y Apple TV anterior a 7.0.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de la memoria y caída de la aplicación) a través de un sito web manipulado, una vulnerabilidad diferente a la CVE-2014-4462. • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://secunia.com/advisories/62504 http://secunia.com/advisories/62505 http://support.apple.com/kb/HT6596 http://www.securityfocus.com/bid/71137 http://www.securitytracker.com/id/1031231 https:&# • CWE-399: Resource Management Errors •

CVSS: 6.8EPSS: 2%CPEs: 7EXPL: 0

Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document. Una vulnerabilidad de uso después de liberación en WebKit, usado en Apple OS X anterior a 10.10.1, permite a atacantes ejecutar código arbitrario a través de objetos de página en un documento HTML. • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://secunia.com/advisories/62503 http://support.apple.com/HT204245 http://support.apple.com/HT204246 http://support.apple. •

CVSS: 7.5EPSS: 4%CPEs: 11EXPL: 0

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en la función ProcessingInstruction::setXSLStyleSheet en core/dom/ProcessingInstruction.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 38.0.2125.101, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://rhn.redhat.com/errata/RHSA-2014-1626.html http://support.apple.com/HT204243 http://support.apple.com/HT204245 http:/& • CWE-416: Use After Free •