2123 matches found
CVE-2015-3725
MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service ID collision and Watch launch outage via a crafted universal provisioning profile app...
CVE-2015-3722
Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service ID collision and launch outage via a crafted universal provisioning profile app...
CVE-2015-3725
MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service ID collision and Watch launch outage via a crafted universal provisioning profile app...
Apple iOS Watch Common Profile App Installation Logic Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. There is an issue with the Apple iOS Watch Universal Profile app installation logic that allows collisions to occur in pre-existing bundle IDs, preventing other apps from being enabled...
Apple MAC OS X Code Signing Check Bypass Vulnerability
Apple Mac OS X is a commercial operating system. Apple Mac OS X code signing fails to verify libraries loaded outside of the application bundle, allowing attackers to exploit vulnerabilities to run malicious applications and bypass code signing...
Multiple Vulnerabilities in Apple OS X Keychain/WebSocket/Sandbox ACLs
Apple Mac OS X is an operating system for Apple devices. Multiple vulnerabilities exist in the Apple OS X Keychain/WebSocket/Sandbox ACL. 1 A remote user can create an application that, when installed by the target user, can access the target application's keychain entries, delete the keychain...
CVE-2015-1146
The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145...
Code injection
The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145...
Code injection
The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146...
Tor Browser 4.0.4 Released
Tor — a privacy oriented encrypted anonymizing service, has announced the launch of its next version of Tor Browser Bundle, i.e. Tor version 4.0.4, mostly supposed to improve the built-in utilities, privacy and security of online users on the Internet. Tor Browser helps users to browse the Intern...
OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...
USN-2504-1 nss update
The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.17.4 which includes the latest CA certificate bundle...
Google Retools reCAPTCHA with No CAPTCHA
Google is getting right to the point with the latest update to its reCAPTCHA authentication system. Rather than have users signing in to an online service try to decipher blurred text, Google has simplified the process by simply asking users whether they’re a bot. One click later, they’re...
OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...
OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries...
OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...
OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...
OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries...
OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...
OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...