Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Mac Os X Server Security Vulnerabilities - 2015

cve
cve

CVE-2015-0228

The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function.

8.8AI Score

0.041EPSS

2015-03-08 02:59 AM
456
4
cve
cve

CVE-2015-0253

The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation...

7.9AI Score

0.017EPSS

2015-07-20 11:59 PM
90
cve
cve

CVE-2015-3165

Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session...

9.1AI Score

0.085EPSS

2015-05-28 02:59 PM
85
cve
cve

CVE-2015-3185

The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions...

6.6AI Score

0.004EPSS

2015-07-20 11:59 PM
1315
cve
cve

CVE-2015-5722

buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.

7.1AI Score

0.966EPSS

2015-09-05 02:59 AM
245
cve
cve

CVE-2015-5911

Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document.

8.6AI Score

0.003EPSS

2015-09-18 12:00 PM
32
cve
cve

CVE-2015-5986

openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response.

8.6AI Score

0.958EPSS

2015-09-05 02:59 AM
348
2
cve
cve

CVE-2015-7031

The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP header configuration, which allows remote attackers to bypass intended access restrictions via unknown vectors.

6.1AI Score

0.003EPSS

2015-10-23 10:59 AM
34