1329 matches found
Information disclosure
The Common Log File System CLFS driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information from...
Information disclosure
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Hyperlink Object Library Information Disclosure Vulnerability."...
Information disclosure
Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."...
CVE-2016-7276
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service out-of-bounds read via a crafted document, aka "Microsoft Office Information Disclosure...
CVE-2016-7278
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Hyperlink Object Library Information Disclosure Vulnerability."...
About the security content of iCloud for Windows 6.1
About the security content of iCloud for Windows 6.1 This document describes the security content of iCloud for Windows 6.1. For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...
About the security content of iTunes 12.5.4 for Windows
About the security content of iTunes 12.5.4 for Windows This document describes the security content of iTunes 12.5.4 for Windows. For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
The vulnerability of Microsoft Edge browser and the Windows operating system allows a perpetrator to obtain confidential information from the process memory.
The vulnerability of Microsoft Edge browser and the Windows operating system allows a perpetrator to obtain confidential information from the process memory...
Information disclosure
atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a...
CVE-2016-7210
atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a...
CVE-2015-2080
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak...
CVE-2015-2080
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak...
CVE-2015-2080
CVE-2015-2080 affects Eclipse Jetty; vulnerability in exception handling allows remote attackers to disclose sensitive memory contents via illegal characters in HTTP headers (JetLeak). Affected product: Jetty versions before 9.2.9.v20150224. Impact per sources: information disclosure; no integrit...
FontParser Buffer Overflow Vulnerability in Multiple Apple Products
Apple iOS and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems; watchOS is a smart watch FontParser is one ...
CVE-2016-4752
The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CFRETURNSRETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering key derivation...
CVE-2016-4718
Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file...
Design/Logic Flaw
The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CFRETURNSRETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering key derivation...
CVE-2016-4718
The CVE-2016-4718 entry concerns a buffer overflow in FontParser that affects multiple Apple platforms when processing malicious font files. Specifically, Apple iOS before 10, macOS (OS X) before 10.12, tvOS before 10, and watchOS before 3 are listed as vulnerable, with the issue allowing a remot...
Dropbear SSH Server < 2016.72 Multiple Vulnerabilities
According to its self-reported version in its banner, Dropbear SSH running on the remote host is prior to 2016.74. It is, therefore, affected by the following vulnerabilities : - A format string flaw exists due to improper handling of string format specifiers e.g., %s and %x in usernames and host...
Crypto++ Information Disclosure Vulnerability
Crypto++ aka cryptopp is a free C++ library. A security vulnerability exists in Crypto++ 5.6.4 and earlier versions, which can be exploited by an attacker to obtain sensitive information by accessing process memory...