Page 282 of 1538 results (0.015 seconds)

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0

libpthread in the kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. Vulnerabilidad en libpthread en el kernel en Apple iOS en versiones anteriores a 9, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. Vulnerabilidad en la implementación del protocolo Neighbor Discovery (ND) en la pila IPv6 en Apple iOS en versiones anteriores a 9, permite a atacantes remotos reconfigurar un ajuste de límite de salto a través de un valor hop_limit pequeño en un mensaje Router Advertisement (RA). • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://openwall.com/lists/oss-security/2015/04/04/2 http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-20: Improper Input Validation •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not require an encrypted session, which allows local users to obtain cleartext multipeer data via an encrypted-to-unencrypted downgrade attack. Vulnerabilidad en el inicializador de conveniencia en el componente Multipeer Connectivity en Apple iOS en versiones anteriores a 9, no requiere una sesión cifrada, lo que permite a usuarios locales obtener los datos multipeer en texto plano a través de un ataque encrypted-to-unencrypted downgrade. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 5%CPEs: 2EXPL: 0

XNU in the kernel in Apple iOS before 9 does not properly validate the headers of TCP packets, which allows remote attackers to bypass the sequence-number protection mechanism and cause a denial of service (TCP connection disruption) via a crafted header. Vulnerabilidad en XNU en el kernel en Apple iOS en versiones anteriores a 9, no valida adecuadamente las cabeceras de los paquetes TCP, lo que permite a atacantes remotos eludir el mecanismo de protección de secuencia numérica y causar una denegación de servicio (Interrupción de la conexión TCP) a través de una cabecera manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205267 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0

The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5896. Vulnerabilidad en el kernel en Apple iOS en versiones anteriores a 9, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5868 y CVE-2015-5896. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •