Lucene search
+L

48 matches found

CNVD
CNVD
added 2017/12/07 12:0 a.m.5 views

Kernel Security Bypass Vulnerability in Multiple Apple Products (CNVD-2018-00179)

Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. macOS High Sierra is a specialized operating system developed for Mac computers. tvOS is a smart TV operating system. watchOS is a smart watch operating system...

5.5CVSS6.3AI score0.04247EPSS
Exploits0References1
OSV
OSV
added 2017/10/27 5:29 a.m.6 views

UBUNTU-CVE-2017-5089

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.104 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name...

6.5CVSS7AI score0.01285EPSS
Exploits0References3
CNVD
CNVD
added 2017/07/21 12:0 a.m.7 views

Apple macOS Sierra Foundation Component Memory Corruption Vulnerability

Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers.Foundation is one of the components that defines the Objective-C class base layer. A memory corruption vulnerability exists in the Foundation component in Apple macOS Sierra versions prior to 10.12.6. A remo...

7.8CVSS7.7AI score0.0181EPSS
Exploits0References1
CNVD
CNVD
added 2016/07/28 12:0 a.m.4 views

Multiple Apple Products libxslt Memory Corruption Denial of Service Vulnerability (CNVD-2016-05749)

Apple iOS is an operating system for mobile devices; OS X is a specialized operating system for Mac computers; tvOS is an operating system for smart TVs; and watchOS is an operating system for smart watches. libxslt is an XSLTC library developed for the GNOME project. A security vulnerability in...

9.8CVSS6.6AI score0.05059EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/13 12:0 a.m.4 views

Apple OS X ASN.1 Parser Memory Corruption Vulnerability (CNVD-2015-08144)

Apple OS X is an operating system developed by Apple Inc. A security vulnerability in the handling of special certificates by the Apple OS X ASN.1 resolver allows attackers to conduct denial of service attacks or execute arbitrary code by submitting a certificate request...

6.8CVSS9.4AI score0.02236EPSS
Exploits0References1
CNVD
CNVD
added 2015/10/30 12:0 a.m.18 views

Apple iOS BOM Catalog Traversal Vulnerability

OS X formerly Mac OS X is the latest version of Apple's proprietary operating system for the Macintosh computer. iOS is an operating system developed by Apple for mobile devices. A directory traversal security vulnerability exists in the BOM in Apple iOS versions prior to 9.1, Apple OS X versions...

6.8CVSS9.4AI score0.0404EPSS
Exploits0References1
OSV
OSV
added 2015/08/14 1:59 a.m.1 views

UBUNTU-CVE-2015-5132

Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a differen...

10CVSS6.2AI score0.50728EPSS
Exploits0References3
CNVD
CNVD
added 2015/08/11 12:0 a.m.3 views

Apple Mac OS X 'entity' Parameter Cross-Site Scripting Vulnerability

Apple Mac OS X is a commercial operating system. A cross-site scripting vulnerability exists in the Apple Mac OS X 'entity' parameter. Because the program fails to properly filter user-supplied input, an attacker could exploit the vulnerability to execute arbitrary script code in the browser of a...

6.7AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2014/12/28 12:0 a.m.16 views

Apple Computer Finder DMG Volume Name Memory Corruption - Ver2 (CVE-2007-0197)

Apple Computer Mac OS X is the operating system bundled with Apple Macintosh computers. The graphical user interface shell of Mac OS X, Finder, allows for graphical browsing of the system. The Finder is also responsible for user-management of files, disks, network volumes and the launching of oth...

6.8CVSS1.7AI score0.0807EPSS
Exploits1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Apple Mac OS X Safari <= 2.0.3 (417.9.2) (ROWSPAN) DoS PoC

No description provided by source. !-- Apple Mac OS X Safari 2.0.3 Vulnerability ========================================= Author: Yannick von Arx Email: yannickdotvonarxatyanuxdotch Release Date: April 23th, 2006 Vendor: Apple Computer Inc. Tested on: iBook G4 1.2 GHz with Mac OS X 10.4.5 Build...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2009/10/05 12:0 a.m.8 views

Apple Computer Finder DMG Volume Name Memory Corruption (CVE-2007-0197)

Apple Computer Mac OS X is the operating system bundled with Apple Macintosh computers. The graphical user interface shell of Mac OS X, Finder, allows for graphical browsing of the system. The Finder is also responsible for user-management of files, disks, network volumes and the launching of oth...

6.8CVSS7.5AI score0.0807EPSS
Exploits1
CERT
CERT
added 2009/05/20 12:0 a.m.20 views

NSD vulnerable to one-byte overflow

Overview A vulnerability exists in the way NSD processes certain types of packets that may lead to a one-byte buffer overflow. Description Name server daemon NSD is an open source name server developed by NLnet Labs. NSD contains an off-by-one error that can cause a one-byte buffer overflow when...

7.2AI score
Exploits0References1
seebug.org
seebug.org
added 2008/07/12 12:0 a.m.26 views

Core Image Fun House &lt;= 2.0 Arbitrary Code Execution PoC (OSX)

No description provided by source. !/usr/bin/ruby Copyright c Netragard, LLC. [email protected] /Developer/Applications/Graphics Tools/Core Image Fun House.app /Contents/MacOS/Core Image Fun House gdb x/10s 0xbfffddf7 0xbfffddf7: 'Z' repeats 101 times, "DCBA center" 2007-07-10 21:15:34.573 Cor...

7.1AI score
Exploits0
CERT
CERT
added 2008/04/18 12:0 a.m.35 views

Apple Safari WebKit fails to properly handle a crafted URL

Overview A vulnerability in the way Apple Mac OS X handles specially crafted URLs may allow an attacker to execute script in the context of another site.. Description According to Apple Safari 3.1.1: An issue exists in WebKit's handling of URLs containing a colon character in the host name. Openi...

4.3CVSS5.7AI score0.02893EPSS
Exploits1References1
CERT
CERT
added 2007/12/14 12:0 a.m.24 views

Shadow Utils useradd utility sets incorrect file permissions

Overview The Shadow Utilities contain a vulnerability that may result in new user mailboxes having arbitrary permissions. Description The Shadow Utilities provide tools to manage user accounts.When a new mailbox is created using the useradd utility, the open function does not receive the expected...

3.7CVSS5.6AI score0.00444EPSS
Exploits0References6
CERT
CERT
added 2007/07/11 12:0 a.m.36 views

Adobe Flash Player FLV integer overflow

Overview A vulnerability in the Adobe Flash Player could allow a remote attacker to execute arbitrary code on an affected system. Description Adobe Flash Player is a player for the Flash media format and enables frame-based animations with sound to be viewed within a web browser. An integer...

9.3CVSS8AI score0.56309EPSS
Exploits0References4
CERT
CERT
added 2007/05/30 12:0 a.m.26 views

Apple QuickTime for Java information disclosure vulnerability

Overview Apple QuickTime for Java fails to properly clear memory. As a result, sensitive information may be exposed to unintended parties. Description Apple QuickTime includes the ability to integrate QuickTime into Java applications and applets. This feature is known as QuickTime for Java. Apple...

7.1CVSS5.8AI score0.02786EPSS
Exploits0References6
CERT
CERT
added 2007/05/14 12:0 a.m.59 views

Samba NDR MS-RPC heap buffer overflow

Overview Samba fails to properly handle malformed MS-RPC packets. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code. Description Samba is a widely used open-source implementation of Server Message Block SMB/Common Internet File System CIFS. Network Data...

10CVSS9.1AI score0.77806EPSS
Exploits23References12
CERT
CERT
added 2006/09/19 12:0 a.m.33 views

gzip contains a buffer underflow

Overview The gzip program contains a buffer underflow vulnerability that may allow an attacker to execute arbitrary code, or create a denial-of-service condition. Description The gzip program is used to compress and decompress archived files.A buffer underflow vulnerability exists in gzip. An...

7.5CVSS7AI score0.0551EPSS
Exploits1References2
CERT
CERT
added 2006/09/19 12:0 a.m.34 views

gzip contains an array out-of-bounds vulnerability in make_table()

Overview The gzip program contains a stack modification vulnerability that may allow an attacker to execute arbitrary code, or create a denial-of-service condition.. Description The gzip program is used to compress and decompress archived files.A stack modification vulnerability exists in gzip. A...

7.5CVSS6.8AI score0.05478EPSS
Exploits1References2
Rows per page
Query Builder