Page 147 of 1392 results (0.008 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-5788

https://notcve.org/view.php?id=CVE-2015-5788

The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element. Vulnerabilidad en la implementación WebKit Canvas en Apple iOS en versiones anteriores a la 9, permite a atacantes remotos eludir la Same Origin Policy y obtener información de imagen sensible a través de vectores que implican un elemento CANVAS. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html http://www.securityfocus.com/bid/76766 http://www.securitytracker.com/id/1033609 http://www.ubuntu.com/usn/USN-2937-1 https://support.apple.com/HT205212 https://support.apple.com/HT205265 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2015-5823

https://notcve.org/view.php?id=CVE-2015-5823

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. Vulnerabilidad en WebKit, tal como se utiliza en JavaScriptCore en Apple iOS en versiones anteriores a 9 y iTunes en versiones anteriores a 12.3, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a otras CVEs WebKit listadas en APPLE-SA-2015-09-16-1 y APPLE-SA-2015-09-16-3. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205221 https://support.apple.com/HT205265 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-5827

https://notcve.org/view.php?id=CVE-2015-5827

WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event. Vulnerabilidad en WebKit en Apple iOS en versiones anteriores a 9, permite a atacantes remotos eludir la Same Origin Policy y obtener una referencia de objeto a través de vectores que involucran un evento (1) custom , (2) message o (3) pop state. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html http://www.securityfocus.com/bid/76766 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205265 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 0

CVE-2015-5809

https://notcve.org/view.php?id=CVE-2015-5809

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. Vulnerabilidad en WebKit, tal como se utiliza en Apple iOS en versiones anteriores a 9 y iTunes en versiones anteriores a 12.3, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a otras CVEs WebKit listadas en APPLE-SA-2015-09-16-1 y APPLE-SA-2015-09-16-3. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html http://www.securityfocus.com/bid/76763 http://www.securitytracker.com/id/1033609 http://www.ubuntu.com/usn/USN-2937-1 https://support.apple.com/HT205212 https://support.apple.com/HT205221 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-5825

https://notcve.org/view.php?id=CVE-2015-5825

WebKit in Apple iOS before 9 does not properly restrict the availability of Performance API times, which allows remote attackers to obtain sensitive information about the browser history, mouse movement, or network traffic via crafted JavaScript code. Vulnerabilidad en WebKit en Apple iOS en versiones anteriores a 9, no restringe adecuadamente la disponibilidad de tiempos en la Performance API, lo que permite a atacantes remotos obtener información sensible sobre el histórico del navegador, el movimiento del ratón o del tráfico de red a través de código JavaScript manipulado. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html http://www.securityfocus.com/bid/76766 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205265 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •