Page 35 of 1004 results (0.011 seconds)

CVSS: 4.6EPSS: 0%CPEs: 59EXPL: 0

CVE-2014-0067

https://notcve.org/view.php?id=CVE-2014-0067

The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster. El comando "make check" para los suites de prueba en PostgreSQL 9.3.3 y anteriores no invoca debidamente initdb para especificar los requisitos de autenticación para un cluster de base de datos utilizado para las pruebas, lo que permite a usuarios locales ganar privilegios mediante el aprovechamiento de acceso a este cluster. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html http://wiki.postgresql.org/wiki/20140220securityrelease http://www.debian.org/security/2014/dsa-2864 http://www.debian.org/security/2014/dsa-2865 http://www.postgresql.org/about/news/1506 http://www.securityfocus • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 1%CPEs: 16EXPL: 0

CVE-2013-1024

https://notcve.org/view.php?id=CVE-2013-1024

CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. CoreMedia reproducción en Apple Mac OS X anterior a v10.8.4 no inicializa correctamente la memoria durante el procesamiento de pistas de texto, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de la aplicación) a través de un archivo de video especialmente diseñado. • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://support.apple.com/kb/HT5784 http://support.apple.com/kb/HT6001 • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 3%CPEs: 16EXPL: 0

CVE-2013-0975 – Apple QuickTime PICT Image LongComment Opcode Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2013-0975

Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image. Desbordamiento de búfer en QuickDraw Manager de Apple Mac OS X antes de v10.8.4 que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de una imagen PICT manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles the LongComment PICT opcode. It converts an unsigned 16 bit value into a signed 32 bit value after it performs some mathematical operations on it. • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://support.apple.com/kb/HT5784 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 1.7EPSS: 0%CPEs: 16EXPL: 0

CVE-2013-0982

https://notcve.org/view.php?id=CVE-2013-0982

The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattended workstation. La función de navegación privada en CFNetwork en Apple Mac OS X antes de v10.8.4 no impide el almacenamiento de cookies permanentes a la salida de Safari, que podría permitir a atacantes físicamente cercanos evitar la autenticación basada en cookies mediante el aprovechamiento de una estación de trabajo sin supervisión. • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://support.apple.com/kb/HT5784 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 16EXPL: 0

CVE-2013-0990

https://notcve.org/view.php?id=CVE-2013-0990

SMB in Apple Mac OS X before 10.8.4, when file sharing is enabled, allows remote authenticated users to create or modify files outside of a shared directory via unspecified vectors. SMB en Apple Mac OS X antes de v10.8.4, cuando el intercambio de archivos está activada, permite a los usuarios remotos autenticados crear o modificar archivos fuera de un directorio compartido a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://support.apple.com/kb/HT5784 • CWE-264: Permissions, Privileges, and Access Controls •