CVSS: 6.5EPSS: 2%CPEs: 58EXPL: 0CVE-2016-0777 – OpenSSH: Client Information leak due to use of roaming connection feature
https://notcve.org/view.php?id=CVE-2016-0777
14 Jan 2016 — The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key. La función resend_bytes en roaming_common.c en el cliente en OpenSSH 5.x, 6.x y 7.x en versiones anteriores a 7.1p2 permite a servidores remotos obtener información sensible desde la memoria de proceso mediante la petición de transmisión de un bu... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-682: Incorrect Calculation •
CVSS: 10.0EPSS: 2%CPEs: 5EXPL: 0CVE-2015-8659 – Gentoo Linux Security Advisory 201612-06
https://notcve.org/view.php?id=CVE-2015-8659
12 Jan 2016 — The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug. El manejo de flujo de datos en reposo en nghttp2 en versiones anteriores a 1.6.0 permite atacantes tener un impacto no especificado a través de vectores desconocidos, también conocido como error de uso después de liberación de memoria dinámica. OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corruption, and... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6980
https://notcve.org/view.php?id=CVE-2015-6980
11 Jan 2016 — Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors. Directory Utility en Apple OS X en versiones anteriores a 10.11.1 no maneja adecuadamente la autenticación para sesiones nuevas, lo que permite a usuarios locales obtener privilegios a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7024
https://notcve.org/view.php?id=CVE-2015-7024
11 Jan 2016 — Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass intended Gatekeeper restrictions and gain privileges via a Trojan horse program that is loaded from an unexpected directory by an application that has a valid Apple digital signature. Vulnerabilidad de búsqueda de ruta no confiable en Apple OS X en versiones anteriores a 10.11.1 permite a usuarios locales eludir las restricciones de Gatekeeper previstas y obtener privilegios a través de un programa Troyano que se c... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html •
CVSS: 4.3EPSS: 1%CPEs: 3EXPL: 0CVE-2015-7116
https://notcve.org/view.php?id=CVE-2015-7116
10 Jan 2016 — libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7115. libxml2 en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2 y tvOS en versiones anteriores a 9.1 permite a atacantes remotos obtener información sensible o provocar una denegación de servicio (corrupción de memoria) a través de ... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 1%CPEs: 3EXPL: 0CVE-2015-7115
https://notcve.org/view.php?id=CVE-2015-7115
10 Jan 2016 — libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116. libxml2 en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2 y tvOS en versiones anteriores a 9.1 permite a atacantes remotos obtener información sensible o provocar una denegación de servicio (corrupción de memoria) a través de ... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2015-7105 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7105
10 Dec 2015 — CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. CoreGraphics en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a ... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2015-7106 – Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference
https://notcve.org/view.php?id=CVE-2015-7106
10 Dec 2015 — The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. El componente Intel Graphics Driver en Apple OS X en versiones anteriores a 10.11.2 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses 54 vulnerabilities. • https://packetstorm.news/files/id/135433 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2015-7107 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7107
10 Dec 2015 — QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file. QuickLook en Apple iOS en versiones anteriores a 9.2 y OS X en versiones anteriores a 10.11.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo iWork manipulado. OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addre... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2015-7108 – Apple Mac OSX - 'IOBluetoothHCIUserClient' Arbitrary Kernel Code Execution
https://notcve.org/view.php?id=CVE-2015-7108
10 Dec 2015 — The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. La interfaz Bluetooth HCI en Apple OS X en versiones anteriores a 10.11.2 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. IOBluetoothHCIUserClient uses an IOCommandGate to dispatch external methods; it passes a pointer to the structInput of the ... • https://packetstorm.news/files/id/135431 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •