CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4711 – Apple Security Advisory 2016-09-20-3
https://notcve.org/view.php?id=CVE-2016-4711
20 Sep 2016 — CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output. Crypt en corecrypto en CommonCrypto en Apple iOS en versiones anteriores a 10 y OS X en versiones anteriores a 10.12 permite a atacantes descubrir información en texto plano aprovechando una llamada a una función que especifica el mismo búfer para entrada y salida. The iOS 10 advisory has been u... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4718 – Apple Security Advisory 2016-09-20-5
https://notcve.org/view.php?id=CVE-2016-4718
20 Sep 2016 — Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file. Desbordamiento de búfer en FontParser en Apple iOS en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes remotos obtener información sensible del proceso de memoria a través de una fuente de arch... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2016-4738 – Ubuntu Security Notice USN-3271-1
https://notcve.org/view.php?id=CVE-2016-4738
20 Sep 2016 — libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. libxslt en Apple iOS en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4773 – Apple Security Advisory 2016-09-20-5
https://notcve.org/view.php?id=CVE-2016-4773
20 Sep 2016 — The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and CVE-2016-4776. El kernel en Apple iOS en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes obtener información sensible de estructura... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4775 – Apple Security Advisory 2016-09-20-5
https://notcve.org/view.php?id=CVE-2016-4775
20 Sep 2016 — The kernel in Apple OS X before 10.12, tvOS before 10, and watchOS before 3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. El kernel en Apple OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. The tvOS 10 advisory has been released to descr... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 10%CPEs: 17EXPL: 0CVE-2016-5131 – libxml2: Use after free triggered by XPointer paths beginning with range-to
https://notcve.org/view.php?id=CVE-2016-5131
23 Jul 2016 — Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. Vulnerabilidad de uso después de liberación de memoria en libxml2 hasta la versión 2.9.4, como se utiliza en Google Chrome en versiones anteriores a 52.0.2743.82, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto ... • http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4653 – Apple OS X IOPMrootDomain Memory Corruption Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-4653
20 Jul 2016 — The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582. El kernel en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a usuarios locales obtener privilegios o provocar ... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 6%CPEs: 4EXPL: 0CVE-2016-4632 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4632
19 Jul 2016 — ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. ImageIO en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de vectores no especificados. OS X El Capitan ... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1865 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-1865
19 Jul 2016 — The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. El kernel en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL) a través de vectores no especificados. OS X... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-476: NULL Pointer Dereference •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4595 – Apple Security Advisory 2016-07-18-1
https://notcve.org/view.php?id=CVE-2016-4595
19 Jul 2016 — Safari Login AutoFill in Apple OS X before 10.11.6 allows physically proximate attackers to discover passwords by reading the screen during the login procedure. Safari Login AutoFill en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes físicamente próximos descubrir contraseñas leyendo la pantalla durante el proceso de inicio de sesión. OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses arbitrary code execution, information disclosure, and various other vulne... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •