Page 332 of 2317 results (0.008 seconds)

CVSS: 2.1EPSS: 0%CPEs: 91EXPL: 0

CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files. CFNetwork en Apple iOS anterior a 8.1.1 y OS X anterior a 10.10.1 no limpia debidamente la caché de navegación sobre una transición del modo de navegación privada, lo que facilita a atacantes físicamente próximos obtener información sensible mediante la lectura de los archivos de la caché. • http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://support.apple.com/HT204244 http://www.securityfocus.com/bid/71135 http://www.securitytracker.com/id/1031230 https://exchange.xforce.ibmcloud.com/vulnerabilities/98783 https://support.apple.com/en-us/HT204418 https://support.apple.com/en-us/HT204419 https://sup • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 86EXPL: 0

The "System Profiler About This Mac" component in Apple OS X before 10.10.1 includes extraneous cookie data in system-model requests, which might allow remote attackers to obtain sensitive information via unspecified vectors. El componente 'System Profiler About This Mac' en Apple OS X anterior a 10.10.1 incluye datos extraños en la cookie en peticiones 'sistema-modelo', lo que podría permitir a atacantes remotos obtener información sensible a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html http://secunia.com/advisories/62503 http://www.securityfocus.com/bid/71139 http://www.securitytracker.com/id/1031230 https://exchange.xforce.ibmcloud.com/vulnerabilities/98785 https://support.apple.com/en-us/HT204419 https://support.apple.com/en-us/HT6591 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 1%CPEs: 90EXPL: 0

Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via unspecified vectors. Apple iOS anterior a 8.1.1 y OS X anterior a 10.10.1 incluiye datos de localización durante el establecimiento de una conexión en el servidor de Spotlight Suggestions por Spotlight o Safari, lo que podría permitir a atacantes remotos obtener información sensible a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html http://secunia.com/advisories/62503 http://secunia.com/advisories/62504 http://www.securityfocus.com/bid/71135 http://www.securitytracker.com/id/1031230 https://exchange.xforce.ibmcloud.com/vulnerabilities/98782 https://support.apple.com/en-us/HT204418 https://support.apple.com/en-us/HT204419 https://support.apple.com/en-us/HT6590 https&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.8EPSS: 10%CPEs: 7EXPL: 0

Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document. Una vulnerabilidad de uso después de liberación en WebKit, usado en Apple OS X anterior a 10.10.1, permite a atacantes ejecutar código arbitrario a través de objetos de página en un documento HTML. • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html http://lists.apple.com/archives/security-announce/2014/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://secunia.com/advisories/62503 http://support.apple.com/HT204245 http://support.apple.com/HT204246 http://support.apple. •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

The kernel in Apple OS X before 10.10 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted filename on an HFS filesystem. El kernel en Apple OS X anterior a 10.10 permite a atacantes físicamente próximos causar una denegación de servicio (referencia a puntero nulo y caída del sistema) a través de un nombre de fichero manipulado en un sistema de archivos HFS. Mac OS X version 10.11 suffered from an FTS deep structure of the file system buffer overflow vulnerability. • http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html http://www.securityfocus.com/bid/70618 http://www.securitytracker.com/id/1031063 https://exchange.xforce.ibmcloud.com/vulnerabilities/97633 https://support.apple.com/kb/HT6535 • CWE-20: Improper Input Validation •