Page 281 of 2432 results (0.021 seconds)

CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0

IOStorageFamily in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive information from kernel memory via unknown vectors. Vulnerabilidad en IOStorageFamily en Apple iOS en versiones anteriores a 9, no inicializa adecuadamente una estructura de datos no especificada, lo que permite a usuarios locales obtener información sensible de la memoria del kernel a través de vectores desconocidos. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

NetworkExtension in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows attackers to obtain sensitive memory-layout information via a crafted app. Vulnerabilidad en NetworkExtension en el kernel en Apple iOS en versiones anteriores a 9, no inicializa adecuadamente una estructura de datos no especificada, lo que permite a atacantes obtener información sensible del memory-layout a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

dyld in Apple iOS before 9 allows attackers to bypass a code-signing protection mechanism via an app that places a crafted signature in an executable file. Vulnerabilidad en dyld en Apple iOS en versiones anteriores a 9, permite a atacantes eludir el mecanismo de protección de firmado de código a través de una aplicación que coloca una firma manipulada en un archivo ejecutable. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-254: 7PK - Security Features •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger TCP connection attempts to intranet hosts via crafted responses. Vulnerabilidad en el componente CFNetwork FTPProtocol en Apple iOS en versiones anteriores a 9, permite a los servidores proxy FTP remotos activar los intentos de conexión TCP a los hosts de la intranet a través de respuestas manipuladas. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/archive/1/536488/100/0/threaded http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205267 • CWE-17: DEPRECATED: Code •

CVSS: 7.5EPSS: 3%CPEs: 4EXPL: 0

CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. Vulnerabilidad en CoreText en Apple iOS en versiones anteriores a 9 y iTunes en versiones anteriores a 12.3, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo de fuente manipulado. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76763 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205221 https:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •