CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0CVE-2022-28605
https://notcve.org/view.php?id=CVE-2022-28605
31 May 2022 — Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory El token de administrador codificado en las aplicaciones de SoundBar en Linkplay SDK 1.00 permite a los atacantes remotos obtener acceso con privilegios de administrador en linkplay antifactory • https://gist.github.com/zachi40/1f8d174939684c07f5e32ee039ce9acf • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22592 – webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
https://notcve.org/view.php?id=CVE-2022-22592
31 Jan 2022 — A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en iOS versión 15.3 y iPadOS versión 15.3, watchOS versión 8.4, tvOS versión 15.3, Safari versión 15.3, macOS Monterey versión 12.2. • https://security.gentoo.org/glsa/202208-39 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 5.9EPSS: 0%CPEs: 38EXPL: 2CVE-2021-23841 – Null pointer deref in X509_issuer_and_serial_hash()
https://notcve.org/view.php?id=CVE-2021-23841
16 Feb 2021 — The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never di... • https://github.com/Trinadh465/external_boringssl_openssl_1.1.0g_CVE-2021-23841 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5868 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5868
18 Sep 2015 — The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5896 and CVE-2015-5903. Vulnerabilidad en el kernel en Apple iOS en versiones anteriores a 9, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5896 y CVE-2015-5903. OS X El Capitan 10.11 is ... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5842 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5842
18 Sep 2015 — XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive memory-layout information via unknown vectors. Vulnerabilidad en XNU en el kernel en Apple iOS en versiones anteriores a 9, no inicializa adecuadamente una estructura de datos no especificada, lo que permite a usuarios locales obtener información sensible de la estructura de memoria a través de vectores desconocidos. OS X El Capitan 10.11 is now available and addre... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5863 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5863
18 Sep 2015 — IOStorageFamily in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive information from kernel memory via unknown vectors. Vulnerabilidad en IOStorageFamily en Apple iOS en versiones anteriores a 9, no inicializa adecuadamente una estructura de datos no especificada, lo que permite a usuarios locales obtener información sensible de la memoria del kernel a través de vectores desconocidos. OS X El Capitan 10.11 is now available and addres... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5882 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5882
18 Sep 2015 — The processor_set_tasks API implementation in Apple iOS before 9 allows local users to bypass an entitlement protection mechanism and obtain access to the task ports of arbitrary processes by leveraging root privileges. Vulnerabilidad en la implementación processor_set_tasks API en Apple iOS en versiones anteriores a 9, permite a usuarios locales eludir el mecanismo de protección de derechos y obtener acceso a los puertos de tareas de procesos arbitrarios mediante el aprovechamiento de los privilegios de ro... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-284: Improper Access Control •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5824 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5824
18 Sep 2015 — The NSURL implementation in the CFNetwork SSL component in Apple iOS before 9 does not properly verify X.509 certificates from SSL servers after a certificate change, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Vulnerabilidad en la implementación de NSURL en el componente CFNetwork SSL en Apple iOS en versiones anteriores a 9, no verifica adecuadamente los certificados X.509 de los servidores SSL después un cambio en el certificado, l... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2015-5829 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5829
18 Sep 2015 — Data Detectors Engine in Apple iOS before 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file. Vulnerabilidad en Data Detectors Engine en Apple iOS en versiones anteriores a 9, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo de texto manipulado. iOS 9 is now available and addresses denial of service, information disclosure, and various other issue... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5834 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5834
18 Sep 2015 — IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Vulnerabilidad en IOAcceleratorFamily en Apple iOS en versiones anteriores a 9, permite a atacantes obtener información sensible de la estructura de memoria del kernel a través de una aplicación manipulada. iOS 9 is now available and addresses denial of service, information disclosure, and various other issues. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •