CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 1CVE-2015-3796 – Apple Mac OSX Regex Engine (TRE) - Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2015-3796
13 Aug 2015 — The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and CVE-2015-3798. Vulnerabilidad en la librería TRE en Libc en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes dependientes del contexto ejecutar código arbitrario o caus... • https://www.exploit-db.com/exploits/38263 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1CVE-2015-3797 – OS X Regex Engine Bad Alloca
https://notcve.org/view.php?id=CVE-2015-3797
13 Aug 2015 — The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3798. Vulnerabilidad en la librería TRE en Libc en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes dependientes del contexto ejecutar código arbitrario o caus... • https://packetstorm.news/files/id/133663 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 2CVE-2015-3798 – Apple Mac OSX Regex Engine (TRE) - Integer Signedness / Overflow
https://notcve.org/view.php?id=CVE-2015-3798
13 Aug 2015 — The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3797. Vulnerabilidad en la librería TRE en Libc en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes dependientes del contexto ejecutar código arbitrario o caus... • https://packetstorm.news/files/id/133661 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 6%CPEs: 2EXPL: 0CVE-2015-3804 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3804
13 Aug 2015 — FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775. Vulnerabilidad en FontParser en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 3%CPEs: 2EXPL: 0CVE-2015-5758 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-5758
13 Aug 2015 — ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image. Vulnerabilidad en ImageIO en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de una imagen TIFF manipulada. OS X Yosemite ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 6%CPEs: 2EXPL: 0CVE-2015-5775 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-5775
13 Aug 2015 — FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756. Vulnerabilidad en FontParser en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 6%CPEs: 2EXPL: 0CVE-2015-5776 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-5776
13 Aug 2015 — Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by leveraging use of an AF_INET6 socket. Vulnerabilidad en Libinfo en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) aprovechándose del uso de un socket AF_... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 0CVE-2015-5782 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-5782
13 Aug 2015 — ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image. Vulnerabilidad en ImageIO en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, no inicializa adecuadamente una estructura de datos no especificada, lo que permite a atacantes remotos obtener información sensible de la memoria del proceso a través de un... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 4CVE-2015-5522 – Debian Security Advisory 3309-1
https://notcve.org/view.php?id=CVE-2015-5522
20 Jul 2015 — Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href. Desbordamiento de buffer basado en memoria dinámica en la función ParseValue en lexer.c en tidy en versiones anteriores a 4.9.31, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores implicando un carácter de comando en un href. Fernando Munoz discovered that HTML Tidy ... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 3CVE-2015-5523 – Debian Security Advisory 3309-1
https://notcve.org/view.php?id=CVE-2015-5523
20 Jul 2015 — The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation. Vulnerabilidad en la función ParseValue en lexer.c en tidy en versiones anteriores a 4.9.31, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores implicando múltiples espacios en blanco antes de un href vacío, lo que desencadena una asig... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •