CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5903 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5903
18 Sep 2015 — The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896. Vulnerabilidad en el kernel en Apple iOS en versiones anteriores a 9, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5868 y CVE-2015-5896. OS X El Capitan 10.11 is ... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5868 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5868
18 Sep 2015 — The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5896 and CVE-2015-5903. Vulnerabilidad en el kernel en Apple iOS en versiones anteriores a 9, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5896 y CVE-2015-5903. OS X El Capitan 10.11 is ... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2015-5869 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5869
18 Sep 2015 — The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. Vulnerabilidad en la implementación del protocolo Neighbor Discovery (ND) en la pila IPv6 en Apple iOS en versiones anteriores a 9, permite a atacantes remotos reconfigurar un ajuste de límite de salto a través de un valor hop_limit pequeño en un mensaje Router Advertisement (RA). OS X El Cap... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 4%CPEs: 4EXPL: 0CVE-2015-5874 – Apple Security Advisory 2015-09-16-3
https://notcve.org/view.php?id=CVE-2015-5874
18 Sep 2015 — CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. Vulnerabilidad en CoreText en Apple iOS en versiones anteriores a 9 y iTunes en versiones anteriores a 12.3, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo de fuente manipulado. iTunes 12.3 is now available and addresses code execution, applic... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5876 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5876
18 Sep 2015 — dyld in Dev Tools in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Vulnerabilidad en dyld en Dev Tools en Apple iOS en versiones anteriores a 9, permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities tha... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5916 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5916
18 Sep 2015 — The Apple Pay component in Apple iOS before 9 allows remote terminals to obtain sensitive recent-transaction information during payments by leveraging the transaction-log feature. Vulnerabilidad en el componente Apple Pay en Apple iOS en versiones anteriores a 9, permite a terminales remotos obtener información sensible de recent-transaction durante los pagos mediante el aprovechamiento de la característica transaction-log. watchOS 2.0.1 is now available and addresses arbitrary code execution, heap buffer o... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00003.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 4CVE-2015-5522 – Debian Security Advisory 3309-1
https://notcve.org/view.php?id=CVE-2015-5522
20 Jul 2015 — Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href. Desbordamiento de buffer basado en memoria dinámica en la función ParseValue en lexer.c en tidy en versiones anteriores a 4.9.31, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores implicando un carácter de comando en un href. Fernando Munoz discovered that HTML Tidy ... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 3CVE-2015-5523 – Debian Security Advisory 3309-1
https://notcve.org/view.php?id=CVE-2015-5523
20 Jul 2015 — The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation. Vulnerabilidad en la función ParseValue en lexer.c en tidy en versiones anteriores a 4.9.31, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores implicando múltiples espacios en blanco antes de un href vacío, lo que desencadena una asig... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 3%CPEs: 17EXPL: 0CVE-2015-1819 – libxml2: denial of service processing a crafted XML document
https://notcve.org/view.php?id=CVE-2015-1819
07 Jul 2015 — The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Vulnerabilidad en el xmlreader en libxml, permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de datos XML manipulados, relacionada con un ataque XML Entity Expansión (XEE). A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 3%CPEs: 5EXPL: 3CVE-2014-8146 – ICU library 52 < 54 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2014-8146
05 May 2015 — The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text. La función resolveImplicitLevels en common/ubidi.c en la implementación Unicode Bidirectional Algorithm en ICU4C en International Comp... • https://www.exploit-db.com/exploits/43887 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •