Page 130 of 1790 results (0.023 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-7076 – Apple Security Advisory 2015-12-08-3

https://notcve.org/view.php?id=CVE-2015-7076

10 Dec 2015 — The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. El componente Intel Graphics Driver en Apple OS X en versiones anteriores a 10.11.2 permite a usuarios locales obtener privilegios o causar una denegación de servicio (referencia a puntero NULL) a través de vectores no especificados. OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses 54 vulnera... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2

CVE-2015-7077 – Apple Mac OSX - 'gst_configure' Kernel Buffer Overflow

https://notcve.org/view.php?id=CVE-2015-7077

10 Dec 2015 — The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors. El componente Intel Graphics Driver en Apple OS X en versiones anteriores a 10.11.2 permite a usuarios locales obtener privilegios o causar una denegación de servicio (acceso a memoria fuera de rango) a través de vectores no especificados. The external method 0x206 of IGAccelGLContext is gst_configure. This method takes an ... • https://packetstorm.news/files/id/135434 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2

CVE-2015-7078 – Apple Mac OSX Kernel - Hypervisor Driver Use-After-Free

https://notcve.org/view.php?id=CVE-2015-7078

10 Dec 2015 — Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects. Vulnerabilidad de uso después de liberación de memoria en Hypervisor en Apple OS X en versiones anteriores a 10.11.2 permite a usuarios locales obtener privilegios a través de vectores que involucran objetos VM. The hv_space lock group gets an extra ref dropped when you kill a process with an AppleHV userclient; one via IOService::terminateWorker calling the AppleHV... • https://packetstorm.news/files/id/135432 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-7081 – Apple Security Advisory 2015-12-08-1

https://notcve.org/view.php?id=CVE-2015-7081

10 Dec 2015 — iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. iBooks en Apple iOS en versiones anteriores a 9.2 y OS X en versiones anteriores a 10.11.2 permite a atacantes remotos leer archivos arbitrarios a través de un archivo de iBooks que contiene una declaración de entidad externa XML en conjunción con una refe... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2

CVE-2015-7083 – Apple Mac OSX / iOS - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow

https://notcve.org/view.php?id=CVE-2015-7083

10 Dec 2015 — The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084. El kernel en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corr... • https://packetstorm.news/files/id/135428 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0

CVE-2015-5312 – libxml2: CPU exhaustion when processing specially crafted XML input

https://notcve.org/view.php?id=CVE-2015-5312

07 Dec 2015 — The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660. La función xmlStringLenDecodeEntities en parser.c en libxml2 en versiones anteriores a 2.9.3 no previene adecuadamente la expansión de entidad, lo que permite a atacantes dependientes del contexto causar una denegación de servicio (cons... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-399: Resource Management Errors •

CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 0

CVE-2015-8242 – libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode

https://notcve.org/view.php?id=CVE-2015-8242

07 Dec 2015 — The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data. La función xmlSAX2TextNode en SAX2.c en la interfaz push en el parser HTML en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto causar una denegación de servicio (sobre lectura de buffer basado en pila... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 1%CPEs: 20EXPL: 0

CVE-2015-7499 – libxml2: Heap-based buffer overflow in xmlGROW

https://notcve.org/view.php?id=CVE-2015-7499

07 Dec 2015 — Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors. Desbordamiento de buffer basado en memoria dinámica en la función xmlGROW en parser.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto obtener información sensible de la memoria de proceso a través de vectores no especificados. A denial of service flaw was found in libxml2. A r... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 9.8EPSS: 1%CPEs: 17EXPL: 0

CVE-2015-7500 – libxml2: Heap buffer overflow in xmlParseMisc

https://notcve.org/view.php?id=CVE-2015-7500

07 Dec 2015 — The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags. La función xmlParseMisc en parser.c en libxml2 en versiones anteriores a 2.9.3 permite a atacantes dependientes del contexto causar una denegación de servicio (lectura de memoria dinámica fuera de rango) a través de vectores no especificados relacionados con límites de entidades... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 5.3EPSS: 4%CPEs: 56EXPL: 1

CVE-2015-3195 – OpenSSL: X509_ATTRIBUTE memory leak

https://notcve.org/view.php?id=CVE-2015-3195

03 Dec 2015 — The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application. La implementación ASN1_TFLG_COMBINE en crypto/asn1/tasn_dec.c en OpenSSL en versiones anteriores a 0.9.8zh, 1.0.0 en versiones anteriores a 1.0.0t, 1.... • https://github.com/Trinadh465/OpenSSL-1_0_1g_CVE-2015-3195 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-401: Missing Release of Memory after Effective Lifetime •