CVE-2016-7620

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOSurface" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors...

CVE-2016-7624

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOAcceleratorFamily" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors...

Design/Logic Flaw

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors...

CVE-2016-7620

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOSurface" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors...

CVE-2016-7625

CVE-2016-7625 concerns macOS Sierra IOKit: a local attacker can read kernel memory layout through IOKit, with the issue present in macOS versions prior to 10.12.2. Apple’s security update 10.12.2 (and accompanying updates) addressed this class of memory-disclosure issues; the Apple security conte...

Mozilla: Excessive JIT code allocation allows bypass of ASLR and DEP (MFSA 2017-02)

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

Mozilla Firefox ESR < 45.7 Multiple Vulnerabilities

Binary data 9928.prm...

UBUNTU-CVE-2017-5375

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

About the security content of tvOS 10 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

CVE-2017-2950

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution...

CVE-2017-2950

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution...

Adobe Reader DC XFA Layout Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA subform...

MS12-034: Description of the security update for CVE-2012-0181 in Windows XP and Windows Server 2003: May 8, 2012

MS12-034: Description of the security update for CVE-2012-0181 in Windows XP and Windows Server 2003: May 8, 2012 INTRODUCTION Microsoft has released security bulletin MS12-034. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...

CVE-2016-8334

CVE-2016-8334 (Foxit PDF Reader JBIG2 parsing vulnerability) is a heap-based out-of-bounds read disclosed via JBIG2 symbol dictionary segments. A signed/unsigned state in the parser allows two chained segments to trigger different allocation paths based on the SDTEMPLATE value and the “bitmap cod...

CVE-2016-5328

VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection SIP is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors...

CVE-2016-2246

HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspecified vectors...

CVE-2016-2246

CVE-2016-2246 concerns HP ThinPro 4.4–6.1, where the keyboard layout control panel and the Virtual Keyboard application are mishandled, enabling local users to bypass access restrictions and elevate privileges. Root cause and impact are described as local unauthorized access with privilege elevat...

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 1.3 security and bug fix update

An update is now available for Red Hat Ceph Storage 1.3. This erratum is for Red Hat Ceph Storage that runs on Ubuntu 14.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

Apple macOS Sierra IOSurface Component Memory Corruption Vulnerability

Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers.IOSurface is one of the programming framework components. A security vulnerability exists in the IOSurface component in Apple macOS Sierra versions prior to 10.12.2. A local attacker could exploit the...

Apple macOS Sierra IOKit Component Memory Corruption Vulnerability

Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers.IOKit is one of the components that reads system information. A security vulnerability exists in the IOKit component in Apple macOS Sierra versions prior to 10.12.2. An attacker could exploit the vulnerabili...