Page 366 of 2946 results (0.025 seconds)

CVSS: 7.4EPSS: 1%CPEs: 4EXPL: 7

CVE-2014-1266

https://notcve.org/view.php?id=CVE-2014-1266

The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step. La función SSLVerifySignedServerKeyExchange en libsecurity_ssl/lib/sslKeyExchange.c la funcionalidad Secure Transport en el componente Data Security en Apple iOS 6.x anterior a 6.1.6 y 7.x anterior a 7.0.6, Apple TV 6.x anterior a 6.0.2 y Apple OS X 10.9.x anterior a 10.9.2 no comprueba la firma en un mensaje TLS Server Key Exchange, lo que permite a atacantes man-in-the-middle falsificar servidores SSL mediante (1) el uso de una clave privada arbitraria para el paso de la firma o (2) la omisión del paso de la firma. • https://github.com/gabrielg/CVE-2014-1266-poc https://github.com/landonf/Testability-CVE-2014-1266 https://github.com/meetlight942/PentesterLab-Intercept-CVE-2014-1266 http://it.slashdot.org/comments.pl?sid=4821073&cid=46310187 http://support.apple.com/kb/HT6146 http://support.apple.com/kb/HT6147 http://support.apple.com/kb/HT6148 http://support.apple.com/kb/HT6150 https://news.ycombinator.com/item?id=7281378 https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02- • CWE-295: Improper Certificate Validation •

CVSS: 4.6EPSS: 0%CPEs: 59EXPL: 0

CVE-2014-0067

https://notcve.org/view.php?id=CVE-2014-0067

The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster. El comando "make check" para los suites de prueba en PostgreSQL 9.3.3 y anteriores no invoca debidamente initdb para especificar los requisitos de autenticación para un cluster de base de datos utilizado para las pruebas, lo que permite a usuarios locales ganar privilegios mediante el aprovechamiento de acceso a este cluster. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html http://wiki.postgresql.org/wiki/20140220securityrelease http://www.debian.org/security/2014/dsa-2864 http://www.debian.org/security/2014/dsa-2865 http://www.postgresql.org/about/news/1506 http://www.securityfocus • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 60%CPEs: 52EXPL: 4

CVE-2014-1912 – Python - 'socket.recvfrom_into()' Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2014-1912

Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. Desbordamiento de buffer en la función socket.recvfrom_into en Modules/socketmodule.c en Python 2.5 anterior a 2.7.7, 3.x anterior a 3.3.4 y 3.4.x anterior a 3.4rc1 permite a atacantes remotos ejecutar código arbitrario a través de una cadena manipulada. It was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer. • https://www.exploit-db.com/exploits/31875 http://bugs.python.org/issue20246 http://hg.python.org/cpython/rev/87673659d8f7 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html http://pastebin.com/raw.php?i=GHXSmNEg http://rhn.redhat.com/errata/RHSA-2015-1064.html http://rhn.redhat.com/errata/RHSA-2015-1330.html http://www&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 4%CPEs: 7EXPL: 0

CVE-2014-1252

https://notcve.org/view.php?id=CVE-2014-1252

Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file. Vulnerabilidad de doble liberación en Apple Pages v2.x anterior a v2.1 y v5.x anterior a v5.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de la aplicación) a través de un fichero de Microsoft Word manipulado. • http://osvdb.org/102460 http://secunia.com/advisories/56615 http://secunia.com/advisories/56630 http://support.apple.com/kb/HT6117 http://support.apple.com/kb/HT6150 http://support.apple.com/kb/HT6162 http://www.securityfocus.com/bid/65113 http://www.securitytracker.com/id/1029683 https://exchange.xforce.ibmcloud.com/vulnerabilities/90672 • CWE-415: Double Free •

CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0

CVE-2013-5987

https://notcve.org/view.php?id=CVE-2013-5987

Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors. Vulnerabilidad sin especificar en los drivers gráficos de NVIDIA Release 331, 325, 319, 310, y 304 permite a usuarios locales evadir restricciones de acceso intencionadas para la GPU y obtener privilegios a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=139965942001604&w=2 http://nvidia.custhelp.com/app/answers/detail/a_id/3377 http://support.apple.com/kb/HT6150 •