Show filters
757 Total Results
Displaying 31-40 of 757
Sort by:
Attacker Value
Unknown

CVE-2010-1821

Disclosure Date: April 13, 2017 (last updated November 26, 2024)
Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.
0
Attacker Value
Unknown

CVE-2016-4694

Disclosure Date: September 25, 2016 (last updated November 25, 2024)
The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue, a related issue to CVE-2016-5387.
0
Attacker Value
Unknown

CVE-2016-4754

Disclosure Date: September 25, 2016 (last updated November 25, 2024)
ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 cipher, which might allow remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
0
Attacker Value
Unknown

CVE-2016-5131

Disclosure Date: July 23, 2016 (last updated November 08, 2023)
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
0
Attacker Value
Unknown

CVE-2016-4447

Disclosure Date: June 09, 2016 (last updated November 25, 2024)
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
0
Attacker Value
Unknown

CVE-2016-4448

Disclosure Date: June 09, 2016 (last updated November 25, 2024)
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
Attacker Value
Unknown

CVE-2016-0718

Disclosure Date: May 26, 2016 (last updated November 25, 2024)
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Attacker Value
Unknown

CVE-2016-1838

Disclosure Date: May 20, 2016 (last updated November 25, 2024)
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
0
Attacker Value
Unknown

CVE-2016-1839

Disclosure Date: May 20, 2016 (last updated November 25, 2024)
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
0
Attacker Value
Unknown

CVE-2016-1840

Disclosure Date: May 20, 2016 (last updated November 25, 2024)
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
0