Show filters
757 Total Results
Displaying 31-40 of 757
Sort by:
Attacker Value
Unknown
CVE-2010-1821
Disclosure Date: April 13, 2017 (last updated November 26, 2024)
Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.
0
Attacker Value
Unknown
CVE-2016-4694
Disclosure Date: September 25, 2016 (last updated November 25, 2024)
The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue, a related issue to CVE-2016-5387.
0
Attacker Value
Unknown
CVE-2016-4754
Disclosure Date: September 25, 2016 (last updated November 25, 2024)
ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 cipher, which might allow remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
0
Attacker Value
Unknown
CVE-2016-5131
Disclosure Date: July 23, 2016 (last updated November 08, 2023)
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
0
Attacker Value
Unknown
CVE-2016-4447
Disclosure Date: June 09, 2016 (last updated November 25, 2024)
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
0
Attacker Value
Unknown
CVE-2016-4448
Disclosure Date: June 09, 2016 (last updated November 25, 2024)
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
0
Attacker Value
Unknown
CVE-2016-0718
Disclosure Date: May 26, 2016 (last updated November 25, 2024)
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
0
Attacker Value
Unknown
CVE-2016-1838
Disclosure Date: May 20, 2016 (last updated November 25, 2024)
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
0
Attacker Value
Unknown
CVE-2016-1839
Disclosure Date: May 20, 2016 (last updated November 25, 2024)
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
0
Attacker Value
Unknown
CVE-2016-1840
Disclosure Date: May 20, 2016 (last updated November 25, 2024)
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
0