CVSS: 10.0EPSS: 2%CPEs: 31EXPL: 0CVE-2014-9495
https://notcve.org/view.php?id=CVE-2014-9495
Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image. Desbordamiento de buffer basado en memoria dinámica en la función png_combine_row en libpng en versiones anteriores a 1.5.21 y 1.6.x en versiones anteriores a 1.6.16, cuando se ejecuta en sistemas de 64 bits, podría permitir a atacantes dependientes del contexto ejecutar código arbitrario a través de una imagen PNG "entrelazada muy ampliamente". • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://secunia.com/advisories/62725 http://sourceforge.net/p/png-mng/mailman/message/33172831 http://sourceforge.net/p/png-mng/mailman/message/33173461 http://www.openwall.com/lists/oss-security/2015/01/04/3 http://www.openwall.com/lists/oss-security/2015/01/10/1 http://www.openwall.com/lists/oss-security/2015/01/10/3 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html h • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 5%CPEs: 3EXPL: 0CVE-2014-9425 – php: Double-free in zend_ts_hash_graceful_destroy()
https://notcve.org/view.php?id=CVE-2014-9425
Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de doble liberación en la función zend_ts_hash_graceful_destroy en zend_ts_hash.c en Zend Engine en PHP hasta 5.5.20 y 5.6.x hasta 5.6.4 permite a atacantes remotos causar una denegación de servicio o la posibilidad de tener otro impacto sin especificar a través de vectores no conocidos. A double free flaw was found in zend_ts_hash_graceful_destroy() function in the PHP ZTS module. This flaw could possibly cause a PHP application to crash. • http://advisories.mageia.org/MGASA-2015-0040.html http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=24125f0f26f3787c006e4a51611ba33ee3b841cb http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2bcf69d073190e4f032d883f3416dea1b027a39e http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fbf3a6bc1abcc8a5b5226b0ad9464c37f11ddbd6 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://openwall.com/lists/oss-security/2014/12/29/6 http://rhn.redhat.com/errata/RHSA-2015-1218.html http:&# • CWE-416: Use After Free •
CVSS: 5.8EPSS: 0%CPEs: 88EXPL: 2CVE-2014-9365 – python: failure to validate certificates in the HTTP client with TLS (PEP 476)
https://notcve.org/view.php?id=CVE-2014-9365
The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Los clientes HTTP en las librarias (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib en CPython (también conocido como Python) 2.x anterior a 2.7.9 y 3.x anterior a 3.4.3, cuando accede a una URL HTTPS, not (a) comprueba el certificado contra un almacen trust o verifica que elnombre del servidor coincide con un nombre de dominio en el campo del tema (b) Common Name o (c) subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a través de un certificado válido arbitrario. The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. • http://bugs.python.org/issue22417 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://www.openwall.com/lists/oss-security/2014/12/11/1 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/71639 https://access.redhat.com/errata/RHSA-2016:1166 https://access.redhat.com/errata/RHSA-2017:1162 https://access.redhat.com/errata&#x • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 0CVE-2014-8611
https://notcve.org/view.php?id=CVE-2014-8611
The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application. Vulnerabilidad en la función __sflush en fflush.c en stdio en libc en FreeBSD 10.1 y el kernel en Apple iOS en versiones anteriores a la 9, no maneja correctamente fallos de la llamada del sistema de escritura, lo que permite a atacantes dependientes del contexto ejecutar código o causar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica) a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html https://support.apple.com/HT205212 https://support.apple.com/HT205267 https://svnweb.freebsd.org/base?view=revision&revision=275665 https://www.freebsd.org/security/advisories/FreeBSD-SA-14:27.stdio.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 0CVE-2014-4461
https://notcve.org/view.php?id=CVE-2014-4461
The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application. El kernel en Apple iOS anterior a 8.1.1 y Apple TV anterior a 7.0.2, no valida correctamente los metadatos del objeto IOSharedDataQueue, lo que permite a atacantes ejecutar código remoto en un contexto privilegiado a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://www.securityfocus.com/bid/71136 http://www.securitytracker.com/id/1031231 https://exchange.xforce.ibmcloud.com/vulnerabilities/98774 https://support.apple.com/en-us/HT204418 https://support.apple.com/en-us/HT204420 https://sup • CWE-20: Improper Input Validation •