Lucene search
+L

344 matches found

CVE
CVE
added 2015/08/16 11:0 p.m.60 views

CVE-2015-5750

CVE-2015-5750 affects Apple OS X Data Detectors Engine prior to 10.10.5. A crafted sequence of Unicode characters could cause memory corruption, enabling arbitrary code execution or a denial of service. Affected component is Data Detectors Engine; root cause is memory corruption from Unicode proc...

7.5CVSS9.2AI score0.02325EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2015/08/16 11:0 p.m.24 views

CVE-2015-5750

Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted series of Unicode characters...

9.3AI score0.02325EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2015/05/26 11:7 p.m.13 views

This Simple Text Message Can Crash and Reboot Your iPhone

A newly discovered bug in Apple's iOS mobile operating system has emerged this evening that lets iPhone users crash another user’s iPhone by just sending a tiny string of text characters in a message. The bug is related to the Messages app and the notification system used by iPhone and iPad devic...

6.6AI score
Exploits0
OpenVAS
OpenVAS
added 2014/09/22 12:0 a.m.32 views

Apple Mac OS X Multiple Vulnerabilities -08 (Sep 2014)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS5.1AI score0.02751EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2014/08/25 12:0 a.m.31 views

Apple Safari Multiple Memory Corruption Vulnerabilities-03 (Aug 2014) - Mac OS X

Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...

6.8CVSS7.9AI score0.02561EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

TippingPoint IPS Unicode Character Detection Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24855/info TippingPoint IPS is prone to a detection-bypass vulnerability because the appliance fails to properly handle Unicode characters. A successful exploit of this issue may allow an attacker to bypass the filter and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

Microsoft ASP.NET 1.0/1.1 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12574/info It is reported that ASP.NET is prone to various cross-site scripting attacks. These issues when ASP.NET converts Unicode characters ranging from U+ff00-U+ff60 to ASCII. Apparently, the application fails to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Apache Struts < 2.2.0 - Remote Command Execution

No description provided by source. $Id: strutscodeexec.rb 13586 2011-08-19 05:59:32Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

michael lamont savant http server 2.1 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2697/info It is possible for an attacker to traverse the web folders of a Savant HTTP Server. Submitting a URL referring to a known directory or file, and appended with specific unicode characters, will disclose the...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/05/29 12:0 a.m.120 views

APPLE-SA-2014-05-21-1 Safari 6.1.4 and Safari 7.0.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-05-21-1 Safari 6.1.4 and Safari 7.0.4 Safari 6.1.4 and Safari 7.0.4 are now available and address the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3 Impact...

7.5CVSS0.1AI score0.03252EPSS
Exploits0
ThreatPost
ThreatPost
added 2014/05/23 9:3 a.m.37 views

May 2014 Apple Safari Browser Security Patches

Apple released an update to Safari yesterday patching 22 vulnerabilities in the WebKit browser engine that allow code execution or a browser crash. Safari 7.0.4 is available for OS X Mavericks 10.9 and Safari 6.1.4 for OS X Mountain Lion 10.8. The vulnerabilities could be exploited if the user wa...

7.5CVSS9.4AI score0.03252EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/05/23 12:0 a.m.30 views

Safari < 6.1.4 / 7.0.4 Multiple Vulnerabilities

Binary data 8264.prm...

7.5CVSS8.9AI score0.03252EPSS
Exploits0References24
Prion
Prion
added 2014/04/29 2:38 p.m.9 views

Code injection

Simple Machines Forum SMF 2.0.6, 1.1.19, and earlier allows remote attackers to impersonate arbitrary users via a Unicode homoglyph character in a username...

7.5CVSS7.3AI score0.01527EPSS
Exploits0References4Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2014/04/03 12:0 a.m.34 views

Microsoft Internet Explorer Heap Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS4.7AI score0.2184EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2014/02/04 12:0 a.m.21 views

Pidgin < 2.10.8 Multiple Vulnerabilities

The version of Pidgin installed on the remote host is a version prior to 2.10.8. It is, therefore, potentially affected by the following vulnerabilities : - The bundled version of Pango has an error that can lead to an application crash when rendering fonts and attempting to display certain Unico...

10CVSS5.8AI score0.14809EPSS
Exploits0References32
Prion
Prion
added 2013/10/24 3:48 a.m.20 views

Design/Logic Flaw

LaunchServices in Apple Mac OS X before 10.9 does not properly restrict Unicode characters in filenames, which allows context-dependent attackers to spoof file extensions via a crafted character sequence...

5CVSS6.2AI score0.01042EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.55 views

Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. CVE-2009-1392, CVE-2009-1832, CVE-2009-1833, CVE-2009-1837, CVE-2009-1838, CVE-2009-1841...

9.3CVSS8.2AI score0.09282EPSS
Exploits9References12
The Hacker News
The Hacker News
added 2012/03/20 2:57 p.m.18 views

Exclusive - Source Code Spoofing with HTML5 and the LRO Character

Exclusive - Source Code Spoofing with HTML5 and the LRO Character Article Written by John Kurlak for The Hacker News,He is senior studying Computer Science at Virginia Tech. Today John will teach us that How to Spoof the Source Code of a web page. For example, Open and Try to View Source Code of...

6.8AI score
Exploits0
OpenVAS
OpenVAS
added 2012/03/14 12:0 a.m.26 views

Microsoft Windows DirectWrite Denial of Service Vulnerability (2665364)

This host has moderate security update missing according to Microsoft Bulletin MS12-019. OpenVAS Vulnerability Test $Id: secpodms12-019.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft Windows DirectWrite Denial of Service Vulnerability 2665364 Authors: Antu Sanadi Copyright: Copyright c 2012 SecPo...

4.3CVSS6.5AI score0.14804EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2012/03/14 12:0 a.m.16 views

Microsoft Windows DirectWrite Denial of Service Vulnerability (2665364)

This host has moderate security update missing according to Microsoft Bulletin MS12-019. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS5.1AI score0.14804EPSS
Exploits1References3
Rows per page
Query Builder