6 matches found
CVE-2016-0746
CVE-2016-0746 is a use-after-free in nginx’s resolver when processing DNS CNAME responses. The issue affects nginx versions before 1.8.1 and 1.9.x before 1.9.10; exploitation could crash worker processes or yield other unspecified impacts. Remediation per connected docs: upgrade to non‑vulnerable...
CVE-2016-0742
The CVE-2016-0742 issue affects nginx resolver prior to 1.8.1 and 1.9.x prior to 1.9.10. A crafted UDP DNS response can trigger an invalid pointer dereference, crashing a worker process and causing a denial of service. Affected component: resolver in nginx; root cause: dereference of invalid poin...
CVE-2016-0747
The CVE-2016-0747 entry affects nginx rescanner behavior: the resolver in nginx (versions prior to 1.8.1 and 1.9.x prior to 1.9.10) does not properly limit CNAME resolution, allowing remote attackers to cause denial of service via excessive name-resolution work. Public details across multiple sou...
CVE-2016-1765
CVE-2016-1765 is an Apple Xcode 7.3-era memory corruption issue in otool (and related memory handling) that allows a local attacker to gain privileges or cause a denial of service. Affected: Xcode prior to 7.3 on macOS (OS X El Capitan v10.11 and later). Root cause: memory corruption from imprope...
CVE-2016-4705
Apple Xcode 8 and earlier contain memory-corruption vulnerabilities in the otool component that can allow a local attacker to gain privileges or cause a denial of service (application crash). CVE-2016-4704 and CVE-2016-4705 are tied to this issue; Apple indicates these were addressed via memory-h...
CVE-2016-4704
CVE-2016-4704 affects Apple Xcode 8 and earlier, where the otool component may allow a local attacker to gain privileges or cause a denial of service via memory corruption. Apple’s security content for Xcode 8 documents multiple memory corruption issues addressed by improved memory handling, with...