Tenable Nessus Multiple Vulnerabilities (TNS-2025-24)

Tenable Nessus is prone to multiple vulnerabilities in various third-party components expat, libxml2, libxslt. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

[R2] Nessus Versions 10.11.1 and 10.9.6 Fix Multiple Vulnerabilities

R2 Nessus Versions 10.11.1 and 10.9.6 Fix Multiple Vulnerabilities Arnie Cabral Mon, 12/15/2025 - 09:48 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components expat, libxml2, libxslt were found to contain vulnerabilities, and updated...

CVE-2025-58073

Mattermost versions 10.11.x = 10.11.1, 10.10.x = 10.10.2, 10.5.x = 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server regardless of restrictions via manipulating the OAuth state...

XWiki 10.11.1 < 13.10.11, 14.0-rc-1 < 14.4.8, 14.5 < 14.10.3 Privilege Escalation Vulnerability (GHSA-gpq5-7p34-vqx5)

Xwiki is prone to an privilege escalation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

Mac OS X 10.9.x < 10.9.5 / 10.10.x < 10.10.5 / 10.11.x < 10.11.1 Multiple Vulnerabilities

Binary data 9437.prm...

Apple Mac OSX - &#039;gst_configure&#039; Kernel Buffer Overflow

/ Source: https://code.google.com/p/google-security-research/issues/detail?id=596 The external method 0x206 of IGAccelGLContext is gstconfigure. This method takes an arbitrary sized input structure passed in rsi but doesn't check the size of that structure passed in rcx. text:000000000002A366...

Apple Mac OSX / iOS Kernel - IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free

/ Source: https://code.google.com/p/google-security-research/issues/detail?id=599 OS X and iOS kernel UaF/double free due to lack of locking in IOHDIXControllUserClient::clientClose Here's the clientClose method of IOHDIXControllUserClient on OS X 10.11.1: text:0000000000005B38 ; int64 fastcall...

CVE-2015-6980

Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors...

Apple iOS Denial of Service Vulnerability (CNVD-2015-07142)

Apple iOS is an operating system for handheld devices developed by Apple Inc. A denial of service vulnerability exists in Apple iOS versions prior to 9.1 and OS X versions prior to 10.11.1. The vulnerability allows remote attackers to execute arbitrary code or initiate a denial of service via a...

Apple iOS Denial of Service Vulnerability (CNVD-2015-07147)

Apple iOS is an operating system for handheld devices developed by Apple Inc. A denial of service vulnerability exists in Apple iOS versions prior to 9.1 and OS X versions prior to 10.11.1. Allows remote attackers to execute arbitrary code or cause a denial of service via crafted font files...

Apple Mac EFI Unauthorized Access Vulnerability

OS X formerly Mac OS X is the latest version of Apple's proprietary operating system for the Macintosh computer. Apple OS X versions prior to 10.11.1 and other products and Apple Mac versions prior to EFI 2015-002 improperly handle parameters and contain a security vulnerability that can be...

CVE-2015-5934

Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted audio file, a different vulnerability than CVE-2015-5933...

CVE-2015-6983

CVE-2015-6983 is an Apple product vulnerability described as a double free in the handling of AtomicBufferedFile descriptors, allowing an attacker to write to arbitrary files. Connected sources indicate affected platforms include iOS versions prior to 9.1 and OS X prior to 10.11.1, with remediati...

CVE-2015-7021

CVE-2015-7021 concerns Apple OS X Graphics Drivers memory corruption. The Graphics Drivers subsystem in OS X prior to 10.11.1 allows a local attacker to gain privileges or cause a denial of service via unspecified vectors, due to memory corruption in the kernel graphics path. Affected software: O...

CVE-2015-5944

CVE-2015-5944 affects Apple OS X/macOS prior to 10.11.1 via the CoreText component. A crafted font file can trigger memory corruption, allowing a remote attacker to execute arbitrary code or cause a denial of service. Affected software: OS X before 10.11.1 (CoreText). Root cause: memory corruptio...

CVE-2015-7035

Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors...

CVE-2015-7035

Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach "unused" functions via unspecified vectors...