CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7135 – Apple Security Advisory 2017-09-19-3
https://notcve.org/view.php?id=CVE-2017-7135
20 Sep 2017 — An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/100894 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7136 – Apple Security Advisory 2017-09-19-3
https://notcve.org/view.php?id=CVE-2017-7136
20 Sep 2017 — An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. Se ha descubierto un problema en ciertos productos Apple.. • http://www.securityfocus.com/bid/100894 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7137 – Apple Security Advisory 2017-09-19-3
https://notcve.org/view.php?id=CVE-2017-7137
20 Sep 2017 — An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Mach-O file. Se ha descubierto un problema en ciertos productos Apple.. • http://www.securityfocus.com/bid/100894 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 92%CPEs: 6EXPL: 15CVE-2017-7529 – nginx: Integer overflow in nginx range filter module leading to memory disclosure
https://notcve.org/view.php?id=CVE-2017-7529
13 Jul 2017 — Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. Las versiones desde la 0.5.6 hasta 1.13.2 incluyéndola de Nginx, son susceptibles a una vulnerabilidad de desbordamiento de enteros en el módulo filtro de rango de nginx, resultando en un filtrado de información potencialmente confidencial activada por una petición especialmente cre... • https://github.com/liusec/CVE-2017-7529 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4704 – Apple Security Advisory 2016-09-13-2
https://notcve.org/view.php?id=CVE-2016-4704
14 Sep 2016 — otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4705. otool en Apple Xcode en versiones anteriores a 8 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4705. Xcode 8 is now available and addresse... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4705 – Apple Security Advisory 2016-09-13-2
https://notcve.org/view.php?id=CVE-2016-4705
14 Sep 2016 — otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704. otool en Apple Xcode en versiones anteriores a 8 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4704. Xcode 8 is now available and addresse... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1765 – Apple Security Advisory 2016-03-21-4
https://notcve.org/view.php?id=CVE-2016-1765
22 Mar 2016 — otool in Apple Xcode before 7.3 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors. otool en Apple Xcode en versiones anteriores a 7.3 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de vectores no especificados. Xcode 7.3 is now available and addresses multiple code execution vulnerabilities. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 81%CPEs: 10EXPL: 0CVE-2016-0742 – nginx: invalid pointer dereference in resolver
https://notcve.org/view.php?id=CVE-2016-0742
10 Feb 2016 — The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. El traductor de direcciones en nginx en versiones anteriores a 1.8.1 y 1.9.x en versiones anteriores a 1.9.10 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero no válido y caída del proceso trabajador) a través de una respuesta UDP DNS manipulada. It was discovered that nginx ... • http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html • CWE-125: Out-of-bounds Read CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 11%CPEs: 9EXPL: 0CVE-2016-0746 – nginx: use-after-free during CNAME response processing in resolver
https://notcve.org/view.php?id=CVE-2016-0746
10 Feb 2016 — Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing. Vulnerabilidad de uso de memoria previamente liberada en la resolución en nginx, de la versión 0.6.18 hasta la 1.8.0 y versiones 1.9.x anteriores a la 1.9.10, permite que atacantes remotos provoquen una denegación de servicio (cie... • http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html • CWE-416: Use After Free •
CVSS: 5.3EPSS: 27%CPEs: 10EXPL: 0CVE-2016-0747 – nginx: Insufficient limits of CNAME resolution in resolver
https://notcve.org/view.php?id=CVE-2016-0747
10 Feb 2016 — The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. El traductor de direcciones en nginx en versiones anteriores a 1.8.1 y 1.9.x en versiones anteriores a 1.9.10 no limita correctamente la resolución CNAME, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de recursos por el proceso tr... • http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html • CWE-400: Uncontrolled Resource Consumption •