IBM Security Identity Manager Virtual Appliance 7.0.2 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171512.
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image.
A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote malicious user obtain sensitive information.
обновление безопасности