Page 93 of 901 results (0.010 seconds)

CVSS: 10.0EPSS: 1%CPEs: 42EXPL: 0

CVE-2016-4448 – libxml2: Format string vulnerability

https://notcve.org/view.php?id=CVE-2016-4448

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. Vulnerabilidad de formato de cadena en libxml2 en versiones anteriores a 2.9.4 permite a atacantes tener un impacto no especificado a través de especificadores de formato de cadena en vectores desconocidos. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.openwall.com/lists/oss-security/2016/05/25/2 http://www • CWE-134: Use of Externally-Controlled Format String •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-1742

https://notcve.org/view.php?id=CVE-2016-1742

Untrusted search path vulnerability in the installer in Apple iTunes before 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory. Vulnerabilidad de búsqueda de ruta no confiable en el instalador en Apple iTunes en versiones anteriores a 12.4 permite a usuarios locales obtener privilegios a través de un Troyano DLL en el directorio de trabajo actual. • http://lists.apple.com/archives/security-announce/2016/May/msg00006.html http://www.securitytracker.com/id/1035887 https://support.apple.com/HT206379 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 0

CVE-2015-7017

https://notcve.org/view.php?id=CVE-2015-7017

CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992. CoreText en Apple iOS en versiones anteriores 9.1, OS X anteriores a 10.11.1 y iTunes en versiones a 12.3.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a tavés de un archivo de fuente manipulado, una vulnerabilidad diferente a CVE-2015-6975 y CVE-2015-6992. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00006.html http://www.securitytracker.com/id/1033929 https://support.apple.com/HT205370 https://support.apple.com/HT205372 https://support.apple.com/HT205375 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-5931

https://notcve.org/view.php?id=CVE-2015-5931

WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. WebKit, como se utiliza en Apple Safari en versiones anteriores a 9.0.1 y iTunes en versiones anteriores a 12.3.1, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a los CVEs WebKit listados en APPLE-SA-2015-10-21-3 y APPLE-SA-2015-10-21-5. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00004.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00006.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html http://www.securityfocus.com/bid/77264 http://www.securitytracker.com/id/1033939 https://support.apple.com/HT205372 https://support.apple.com/HT205377 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2015-7002

https://notcve.org/view.php?id=CVE-2015-7002

WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. WebKit, como se utiliza en Apple iOS en versiones anteriores a 9.1, Safari en versiones anteriores a 9.0.1 y iTunes en versiones anteriores a 12.3.1, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a los CVEs WebKit listados en APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3 y APPLE-SA-2015-10-21-5. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00004.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00006.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html http://www.securityfocus.com/bid/77267 http://www.securitytracker.com/id/1033929 https://support.apple.com/HT205370 https://support.apple.com/HT205372 https://support.apple.com/HT205377 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •