56 matches found
The vulnerability of the USACBitstreamReader function in operating systems such as Mac OS, tvOS, iOS, iPadOS, and watchOS allows attackers to disclose protected information.
The vulnerability of the USACBitstreamReader function in operating systems such as Mac OS, tvOS, iOS, iPadOS, and watchOS is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of Adobe Audition for Windows and macOS, related to the swapping of the zero pointer, allows a hacker to execute arbitrary code.
The vulnerability of Adobe Audition for Windows and macOS relates to the assignment of the zero pointer. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
Corel Parallels Desktop 安全漏洞
Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. A security vulnerability exists in Corel Parallels Desktop version 16.5.0, which originates from the creation of symbolic links that can be abused by an attacker to execute files through the...
CVE-2021-1813
A validation issue was addressed with improved logic. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to gain root privileges...
CVE-2019-8574
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges...
Microsoft Edge Chakra Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2019-24839)
Microsoft Edge is Microsoft's new browser, migrating from the EdgeHTML kernel to the Chromium kernel, and will also be coming to Windows 7/8/8.1 and macOS platforms. A remote memory corruption vulnerability exists in Microsoft Edge Chakra Scripting Engine, which can be exploited by an attacker to...
Shimo VPN Denial of Service Vulnerability
Shimo VPN is a VPN Virtual Private Network software based on macOS platform. A denial of service vulnerability exists in the deleteConfig function of the Assistant service in Shimo VPN version 4.1.5.1. The vulnerability stems from a network system or product that does not properly validate incomi...
MacPaw CleanMyMac X Input Validation Vulnerability (CNVD-2019-23279)
MacPaw CleanMyMac X is a cleaning tool dedicated to the macOS platform. The product is capable of removing junk files, history cache, logs, etc. from your computer. An input validation vulnerability exists in the MacPaw CleanMyMac X version 4.04 helper service, which can be exploited by a local...
chromium-browser: address spoofing in omnibox
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled Unicode glyphs, which allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name...
chromium-browser: address spoofing in omnibox
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox URL bar via a crafted HTML page containing PDF data...
UBUNTU-CVE-2016-5149
The extensions subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux relies on an IFRAME source URL to identify an associated extension, which allows remote attackers to conduct extension-bindings injection attacks by leveraging script access to a...
flash-plugin: multiple code execution issues fixed in APSB16-10
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors...
CVE-2016-0995
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execu...
CVE-2016-0972
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial o...
acroread: media.newplayer JavaScript API code execution vulnerability (APSB10-02)
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild...
Broadcast memory corruption in Soldier of Fortune II 1.03
Luigi Auriemma Application: Soldier of Fortune II http://sof2.ravensoft.com Versions: = 1.03 gold Platforms: Windows, Linux and MacOS Bug: memory corruption Exploitation: remote, versus server and clients broadcast Date: 23 November 2004 Author: Luigi Auriemma e-mail: [email protected] web:...