Information disclosure

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service out-of-bounds read via a crafted document, aka "Microsoft Office Information Disclosure...

CVE-2016-7265

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to obtain sensitive information from process...

Information disclosure

Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."...

Information disclosure

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service...

Information disclosure

The Common Log File System CLFS driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information from...

Information disclosure

Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Hyperlink Object Library Information Disclosure Vulnerability."...

CVE-2016-7276

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service out-of-bounds read via a crafted document, aka "Microsoft Office Information Disclosure...

CVE-2016-7278

Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Hyperlink Object Library Information Disclosure Vulnerability."...

About the security content of iCloud for Windows 6.1

About the security content of iCloud for Windows 6.1 This document describes the security content of iCloud for Windows 6.1. For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...

About the security content of iTunes 12.5.4 for Windows

About the security content of iTunes 12.5.4 for Windows This document describes the security content of iTunes 12.5.4 for Windows. For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

The vulnerability of Microsoft Edge browser and the Windows operating system allows a perpetrator to obtain confidential information from the process memory.

The vulnerability of Microsoft Edge browser and the Windows operating system allows a perpetrator to obtain confidential information from the process memory...

Information disclosure

atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a...

CVE-2016-7210

atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a...

CVE-2015-2080

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak...

CVE-2015-2080

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak...

CVE-2015-2080

CVE-2015-2080 affects Eclipse Jetty; vulnerability in exception handling allows remote attackers to disclose sensitive memory contents via illegal characters in HTTP headers (JetLeak). Affected product: Jetty versions before 9.2.9.v20150224. Impact per sources: information disclosure; no integrit...

FontParser Buffer Overflow Vulnerability in Multiple Apple Products

Apple iOS and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems; watchOS is a smart watch FontParser is one ...

CVE-2016-4752

The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CFRETURNSRETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering key derivation...

CVE-2016-4718

Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file...

Design/Logic Flaw

The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CFRETURNSRETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering key derivation...