NotCVE - vendor:"Apple" product:"Mac Os X" version:" <= 10.10.0"

Page 300 of 2914 results (0.015 seconds)

CVSS: 4.3EPSS: 2%CPEs: 9EXPL: 3

CVE-2015-5523

https://notcve.org/view.php?id=CVE-2015-5523

The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation. Vulnerabilidad en la función ParseValue en lexer.c en tidy en versiones anteriores a 4.9.31, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores implicando múltiples espacios en blanco antes de un href vacío, lo que desencadena una asignación de memoria de gran tamaño. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.debian.org/security/2015/dsa-3309 http://www.openwall.com/lists/oss-security/2015/06/04/2 http://www.openwall.com/lists/oss-security/2015/07/13/7 http://www.openwall.com/lists/oss-security/2015/07/15/3 http://www.securityfocus.com/bid/7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 1%CPEs: 9EXPL: 4

CVE-2015-5522

https://notcve.org/view.php?id=CVE-2015-5522

Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href. Desbordamiento de buffer basado en memoria dinámica en la función ParseValue en lexer.c en tidy en versiones anteriores a 4.9.31, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores implicando un carácter de comando en un href. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.debian.org/security/2015/dsa-3309 http://www.openwall.com/lists/oss-security/2015/06/04/2 http://www.openwall.com/lists/oss-security/2015/07/13/7 http://www.openwall.com/lists/oss-security/2015/07/15/3 http://www.securityfocus.com/bid/7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2013-7422

https://notcve.org/view.php?id=CVE-2013-7422

Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regular expression. Desbordamiento inferior de enteros en regcomp.c en Perl en versiones anteriores a 5.20, tal como se utiliza en Apple OS X en versiones anteriores a 10.10.5 y otros productos, permite a atacantes dependientes del contexto ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de una cadena larga de dígitos asociados con una referencia inversa no válida dentro de una expresión regular. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://perl5.git.perl.org/perl.git/commit/0c2990d652e985784f095bba4bc356481a66aa06 http://www.securityfocus.com/bid/75704 http://www.ubuntu.com/usn/USN-2916-1 https://security.gentoo.org/glsa/201507-11 https://support.apple.com/kb/HT205031 • CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 2%CPEs: 17EXPL: 0

CVE-2015-1819 – libxml2: denial of service processing a crafted XML document

https://notcve.org/view.php?id=CVE-2015-1819

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Vulnerabilidad en el xmlreader en libxml, permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de datos XML manipulados, relacionada con un ataque XML Entity Expansión (XEE). A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html http://lists.opensuse.org/opensuse-updates/2015- • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-3712

https://notcve.org/view.php?id=CVE-2015-3712

The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app. El controlador de gráficos NVIDIA en Apple OS X anterior a 10.10.4 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (escritura fuera de rango) a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://support.apple.com/kb/HT204942 http://www.securityfocus.com/bid/75493 http://www.securitytracker.com/id/1032760 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

1...298 299 300 301 302