Page 133 of 1392 results (0.007 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Apple Safari before 9.1 allows remote attackers to spoof the user interface via a web page that places text in a crafted context, leading to unintended use of that text within a Safari dialog. Apple Safari en versiones anteriores a 9.1 permite a atacantes remotos suplantar la interfaz de usuario a través de una página web que introduce texto en un contexto manipulado, conduciendo al uso no intencionado de ese texto dentro de un diálogo de Safari. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html http://www.securityfocus.com/bid/85055 http://www.securitytracker.com/id/1035354 https://support.apple.com/HT206171 • CWE-19: Data Processing Errors •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

WebKit in Apple iOS before 9.3 and Safari before 9.1 does not properly restrict redirects that specify a TCP port number, which allows remote attackers to bypass intended port restrictions via a crafted web site. WebKit en Apple iOS en versiones anteriores a 9.3 y Safari en versiones anteriores a 9.1 no restringe correctamente los redireccionamientos que especifican un número de puerto TCP, lo que permite a atacantes remotos eludir las restricciones de puerto previstas a través de un sitio web manipulado. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html http://www.securityfocus.com/archive/1/537948/100/0/threaded http://www.securitytracker.com/id/1035353 https://support.apple.com/HT206166 https://support.apple.com/HT206171 • CWE-284: Improper Access Control •

CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0

WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. WebKit en Apple iOS en versiones anteriores a 9.3, Safari en versiones anteriores a 9.1 y tvOS en versiones anteriores a 9.2 permite a atacantes remotos ejecutar código arbitrario o causar un denegación de servicio (corrupción de memoria) a través de un sitio web manipulado. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html http://www.securityfocus.com/archive/1/537948/100/0/threaded http://www.securitytracker.com/id/1035353 https://support.apple.com/HT206166 https://support.apple.com/HT206169 https://support.apple.com/HT206171 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site. La implementación History en WebKit en Apple iOS en versiones anteriores a 9.3, Safari en versiones anteriores a 9.1 y tvOS en versiones anteriores a 9.2 permite a atacantes remotos causar una denegación de servicio (consumo de recurso y caída de aplicación) a través de un sitio web manipulado. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html http://www.securitytracker.com/id/1035353 https://support.apple.com/HT206166 https://support.apple.com/HT206169 https://support.apple.com/HT206171 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 8.1EPSS: 0%CPEs: 31EXPL: 1

The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. La función xmlNextChar en libxml2 en versiones anteriores a 2.9.4 permite a atacantes remotos provocar una denegación de servicio (sobre lectura de buffer basado en memoria dinámica) a través de un documento XML manipulado. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •