Page 54 of 2119 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

The IPv6 implementation in Apple Mac OS X (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. La implementación de IPv6 en Apple Mac OS X (versiones desconocidas, año 2012 y anteriores), permite a atacantes remotos causar una denegación de servicio por medio de una avalancha de paquetes ICMPv6 Router Advertisement, que contienen múltiples entradas de Enrutamiento. • http://www.openwall.com/lists/oss-security/2012/10/10/12 https://www.securityfocus.com/bid/56170/info • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely. En ksh versión 20120801, se detectó un fallo en la manera que evalúa determinadas variables de entorno. Un atacante podría usar este fallo para anular u omitir unas restricciones del entorno para ejecutar comandos de shell. • http://seclists.org/fulldisclosure/2020/May/53 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868 https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2 https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html https://support.apple.com/kb/HT211170 https://access.redhat.com/security/cve/CVE-2019-14868 https://bugzilla.redhat.com/show_bug.cgi?id=1757324 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 3.1EPSS: 0%CPEs: 15EXPL: 1

An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503. Se detectó un problema en los dispositivos cliente de Broadcom Wi-Fi. Específicamente un tráfico diseñado minuciosamente y sincronizado puede causar errores internos (relacionados con las transiciones de estado) en un dispositivo WLAN que conllevan a un cifrado de Wi-Fi de Capa 2 inapropiado con una consiguiente posibilidad de divulgación de información por medio del aire para un conjunto de tráfico discreto, una vulnerabilidad diferente de CVE-2019-9500, CVE-2019-9501, CVE-2019-9502 y CVE-2019-9503. • https://www.exploit-db.com/exploits/48233 http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-003.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-wifi-en http://www.huawei.com/en/psirt/security-notices/huawei-sn-20200228-01-kr00k-en https://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdf https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0001 https:&# • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to leak memory. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en macOS Catalina versión 10.15.3. • https://support.apple.com/HT210919 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con un manejo de memoria mejorado. Este problema es corregido en macOS Catalina versión 10.15.3. • https://support.apple.com/HT210919 • CWE-787: Out-of-bounds Write •