CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 1CVE-2016-4630 – Apple Security Advisory 2016-07-18-1
https://notcve.org/view.php?id=CVE-2016-4630
19 Jul 2016 — ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EXR image with B44 compression. ImageIO en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de una imagen EXR manipulada con compresión B44. OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses arbitrary code... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 0CVE-2016-4610 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4610
19 Jul 2016 — libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones an... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4638 – Apple OS X WindowServer _XSetApplicationBindingsForWorkspaces Type Confusion Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-4638
19 Jul 2016 — Login Window in Apple OS X before 10.11.6 allows attackers to gain privileges via a crafted app that leverages a "type confusion." Login Window en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes obtener privilegios a través de una aplicación manipulada que aprovecha una "confusión de tipo". This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a m... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4639 – Apple OS X WindowServer Memory Corruption Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-4639
19 Jul 2016 — Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors. Login Window en Apple OS X en versiones anteriores a 10.11.6 no inicializa correctamente la memoria, lo que permite a usuarios locales provocar una denegación de servicio a través de vectores no especificados. This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to e... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4600 – Apple Security Advisory 2016-07-18-1
https://notcve.org/view.php?id=CVE-2016-4600
19 Jul 2016 — QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4602. QuickTime en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de una imagen de mapa de bits FlashPix manipulada, una vulnerabilidad dif... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4597 – Apple Security Advisory 2016-07-18-1
https://notcve.org/view.php?id=CVE-2016-4597
19 Jul 2016 — QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4600, and CVE-2016-4602. QuickTime en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de una imagen de mapa de bits FlashPix manipulada, una vulnerabilidad dif... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4626 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4626
19 Jul 2016 — IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. IOHIDFamily en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (referencia a puntero NULL)... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2016-1863 – Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free
https://notcve.org/view.php?id=CVE-2016-1863
19 Jul 2016 — The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653. El kernel en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a usuarios locales obtener privilegios o provocar ... • https://packetstorm.news/files/id/139353 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 9%CPEs: 7EXPL: 0CVE-2016-4614 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4614
19 Jul 2016 — libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4615, CVE-2016-4616, and CVE-2016-4619. libxml2 en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones anteriores a 12.4... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4635 – Apple Security Advisory 2016-07-18-2
https://notcve.org/view.php?id=CVE-2016-4635
19 Jul 2016 — FaceTime in Apple iOS before 9.3.3 and OS X before 10.11.6 allows man-in-the-middle attackers to spoof relayed-call termination, and obtain sensitive audio information in opportunistic circumstances, via unspecified vectors. FaceTime en Apple iOS en versiones anteriores a 9.3.3 y OS X en versiones anteriores a 10.11.6 permite a atacantes man-in-the-middle suplantar la retransmisión de llamada y obtener información de audio sensible en circunstancias oportunistas, a través de vectores no especificados. OS X ... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •