CVE-2016-1797

Apple Type Services ATS in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app...

CVE-2016-1794

The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service NULL pointer dereference via a crafted app...

CVE-2016-1792

The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the AppleRAID component in the Mac OS X operating system arises from buffer overflows. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context, or trigger a service failure memory corruption through a specially created applicatio...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the IOGraphics component in the Mac OS X operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context, or cause a service failure memory corruption through a specially created applicatio...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the Bluetooth component in the Mac OS X operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context or cause a service failure memory corruption through a specially created application...

Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to execute arbitrary code in a privileged context

The vulnerability of the kernel in iOS and Mac OS X operating systems exists due to insufficient checking of resource states when resources are allowed to be shared among processes. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context using a...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the Intel Graphics Driver for the Mac OS X operating system is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context or cause a service failure memory corruption through a specially created applicatio...

The vulnerabilities in operating systems such as Mac OS X and iOS allow attackers to trigger service failures or execute arbitrary code in privileged contexts.

The vulnerability of the AppleUSBNetworking component in Mac OS X and iOS operating systems arises due to buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code in a privileged context, or to cause a service failure memory corruption by using a specially creat...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of NVIDIA’s Graphics Drivers for the Mac OS X operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context or cause a service failure memory corruption through a specially created applicati...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the Intel Graphics Driver for the Mac OS X operating system is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context or cause a service failure memory corruption through a specially created applicatio...

CVE-2016-1757

Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app...

CVE-2016-1753

Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app...

CVE-2016-1749

IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

CVE-2016-1744

The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app, a different vulnerability than CVE-2016-1743...

CVE-2016-1733

AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

Tomcat/JbossWeb: security manager bypass via EL expressions

It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections...

Amazon Linux AMI : tomcat6 (ALAS-2016-656)

It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. CVE-2014-7810 It was found that Tomcat would keep connections open after processing requests with a...

USN-2872-2 linux-lts-wily vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

Debian: Security Advisory (DSA-3428-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...