NotCVE - vendor:"Apple" product:"Mac Os X" version:"10.5.1"

Page 142 of 2167 results (0.022 seconds)

CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2015-5876 – Apple Security Advisory 2015-09-16-1

https://notcve.org/view.php?id=CVE-2015-5876

18 Sep 2015 — dyld in Dev Tools in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Vulnerabilidad en dyld en Dev Tools en Apple iOS en versiones anteriores a 9, permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities tha... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 0

CVE-2015-5879 – Apple Security Advisory 2015-09-16-1

https://notcve.org/view.php?id=CVE-2015-5879

18 Sep 2015 — XNU in the kernel in Apple iOS before 9 does not properly validate the headers of TCP packets, which allows remote attackers to bypass the sequence-number protection mechanism and cause a denial of service (TCP connection disruption) via a crafted header. Vulnerabilidad en XNU en el kernel en Apple iOS en versiones anteriores a 9, no valida adecuadamente las cabeceras de los paquetes TCP, lo que permite a atacantes remotos eludir el mecanismo de protección de secuencia numérica y causar una denegación de se... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-5912 – Apple Security Advisory 2015-09-16-1

https://notcve.org/view.php?id=CVE-2015-5912

18 Sep 2015 — The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger TCP connection attempts to intranet hosts via crafted responses. Vulnerabilidad en el componente CFNetwork FTPProtocol en Apple iOS en versiones anteriores a 9, permite a los servidores proxy FTP remotos activar los intentos de conexión TCP a los hosts de la intranet a través de respuestas manipuladas. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior r... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-17: DEPRECATED: Code •

CVSS: 5.3EPSS: 94%CPEs: 2EXPL: 2

CVE-2015-6908 – OpenLDAP 2.4.42 - ber_get_next Denial of Service

https://notcve.org/view.php?id=CVE-2015-6908

11 Sep 2015 — The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. Vulnerabilidad en la función ber_get_next en libraries/liblber/io.c en OpenLDAP 2.4.42 y versiones anteriores, permite a atacantes remotos causar una denegación de servicio (aserción accesible y caída de la aplicación) a través de datos BER manipulados, según lo dem... • https://www.exploit-db.com/exploits/38145 • CWE-20: Improper Input Validation •

CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-6563 – openssh: Privilege separation weakness related to PAM support

https://notcve.org/view.php?id=CVE-2015-6563

24 Aug 2015 — The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c. Vulnerabilidad en el componente monitor en sshd en OpenSSH en versiones anteriores a 7.0 en plataformas no OpenBSD, acepta datos de nombre de... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html • CWE-20: Improper Input Validation CWE-266: Incorrect Privilege Assignment •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2015-3784 – Apple Security Advisory 2015-10-15-1

https://notcve.org/view.php?id=CVE-2015-3784

13 Aug 2015 — Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Vulnerabilidad en Office Viewer en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos leer archivos arbitrarios a través de un documento XML que contiene una declaración de entidad externa ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-3757 – Apple Security Advisory 2015-08-13-2

https://notcve.org/view.php?id=CVE-2015-3757

13 Aug 2015 — Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane. Vulnerabilidad en Apple OS X en versiones anteriores a 10.10.5, no restringe adecuadamente el acceso al panel de preferencias de Fecha y Hora, lo que permite a usuarios locales falsificar la hora visitando este panel. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBlue... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-284: Improper Access Control •

CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-3806 – Apple Security Advisory 2016-02-25-1

https://notcve.org/view.php?id=CVE-2015-3806

13 Aug 2015 — Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file. Vulnerabilidad en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a usuarios locales eludir un mecanismo de protección de firma de código añadiendo código a un archivo ejecutable manipulado. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD pl... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-284: Improper Access Control •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-3800 – Apple Security Advisory 2016-02-25-1

https://notcve.org/view.php?id=CVE-2015-3800

13 Aug 2015 — The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image. Vulnerabilidad en el componente DiskImages en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de una imagen DMG mal formada.... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-3761 – Apple Security Advisory 2015-08-13-2

https://notcve.org/view.php?id=CVE-2015-3761

13 Aug 2015 — The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors. Vulnerabilidad en el kernel de Apple OS X en versiones anteriores a 10.10.5, no valida correctamente los nombres de ruta de acceso en el entorno, lo que permite a usuarios locales obtener privilegios a través de vectores no especificados. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •

1...140 141 142 143 144