Page 500 of 2650 results (0.013 seconds)

CVSS: 9.8EPSS: 32%CPEs: 5EXPL: 0

Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. Vulnerabilidad de doble liberación de memoria en la función krb5_recvauth en MIT Kerberos 5 (krb5) 1.4.1 y anteriores permite que atacantes remotos ejecuten código arbitrario mediante ciertas condiciones de error. • ftp://patches.sgi.com/support/free/security/advisories/20050703-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000993 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://marc.info/?l=bugtraq&m=112119974704542&w=2 http://secunia.com/advisories/16041 http://secunia.com/advisories/17135 http://secunia.com/advisories/17899 http://secunia.com/advisories/22090 • CWE-415: Double Free •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0

Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions. • http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field. • http://lists.apple.com/archives/security-announce/2005/May/msg00004.html •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. • http://www.kb.cert.org/vuls/id/983429 http://www1.cs.columbia.edu/~aaron/files/widgets •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. • http://lists.apple.com/archives/security-announce/2005/May/msg00004.html http://www.securityfocus.com/bid/13694 •