13 matches found
CVE-2026-24065
Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the client process identifier PID to verify code-signing identity. Because process identifiers can be reuse...
SUSE-SU-2026:20510-1 Security update for kernel-livepatch-MICRO-6-0_Update_16
This update for kernel-livepatch-MICRO-6-0Update16 fixes the following issues: Initial livepatch for Update 16 of kernel default...
SUSE-SU-2026:20476-1 Security update for kernel-livepatch-MICRO-6-0_Update_16
This update for kernel-livepatch-MICRO-6-0Update16 fixes the following issues: Initial livepatch for Update 16 of kernel default...
PT-2025-13909 · Apple · Xcode +1
Name of the Vulnerable Software and Affected Versions: Xcode versions prior to 16.3 Description: A malicious app may be able to access private information due to an issue that has been addressed with improved checks. Recommendations: For versions prior to 16.3, update to Xcode 16.3 to resolve the...
CVE-2023-38261
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges...
PT-2023-21453 · Apple · Ios +1
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.4 iPadOS versions prior to 16.4 Description: The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges. Recommendations: For iOS versions prior to 16.4,...
SUSE CVE-2008-3112
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909...
PT-2022-6612 · Apple · Ios +1
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.2 iPadOS versions prior to 16.2 Description: The issue is related to a buffer overflow in memory due to incorrect video rendering with H.264 encoding. This can allow an attacker to execute arbitrary code with kernel...
PT-2022-21551 · Apple · Ios
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16 Description: The issue allows an app to potentially execute arbitrary code with kernel privileges due to a problem that was addressed with improved memory handling. Recommendations: For iOS versions prior to 16, updat...
Java Web Start BasicService displays local files in the browser
Unspecified vulnerability in the BasicService for Java Web Start JWS and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows untrusted downloaded applications to cause local files to be displayed in the brows...
OpenJDK Denial-Of-Service in kerberos authentication (6588160)
Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service OS resource consumption via...
OpenJDK UTF-8 decoder accepts non-shortest form sequences (4486841)
Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier accepts UTF-8 encodings that are not the "shortest" form, which makes it easier for attackers to bypass protection mechanisms for other applications...
Java Web Start, arbitrary file creation (6703909)
Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909...