CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4602
https://notcve.org/view.php?id=CVE-2016-4602
19 Jul 2016 — QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4600. QuickTime en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de una imagen de mapa de bits FlashPix manipulada, una vulnerabilidad dif... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 94%CPEs: 1EXPL: 0CVE-2014-9862
https://notcve.org/view.php?id=CVE-2014-9862
19 Jul 2016 — Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file. Error de entero sin signo en bspatch.c en bspatch en bsdiff, como se utiliza en Apple OS X en versiones anteriores a 10.11.6 y otros productos, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento de buffe... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2016-1863 – Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free
https://notcve.org/view.php?id=CVE-2016-1863
19 Jul 2016 — The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653. El kernel en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a usuarios locales obtener privilegios o provocar ... • https://www.exploit-db.com/exploits/40652 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4594
https://notcve.org/view.php?id=CVE-2016-4594
19 Jul 2016 — The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call. El componente Sandbox Profiles en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a atacantes acceder a la lista de procesos a través de una aplicación manipulada que hace una llama... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-4599
https://notcve.org/view.php?id=CVE-2016-4599
19 Jul 2016 — QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop document. QuickTime en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un documento de Photoshop manipulado. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 9EXPL: 0CVE-2016-4607
https://notcve.org/view.php?id=CVE-2016-4607
19 Jul 2016 — libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones a ... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4582
https://notcve.org/view.php?id=CVE-2016-4582
19 Jul 2016 — The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653. El kernel en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a usuarios locales obtener privilegios o provocar ... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4596
https://notcve.org/view.php?id=CVE-2016-4596
19 Jul 2016 — QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4597, CVE-2016-4600, and CVE-2016-4602. QuickTime en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través una imagen de mapa de bits FlashPix manipulada, una vulnerabilidad difere... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-4598
https://notcve.org/view.php?id=CVE-2016-4598
19 Jul 2016 — QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image. QuickTime en Apple OS X en versiones anteriores a 10.11.6 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de una imagen manipulada. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2015-7987
https://notcve.org/view.php?id=CVE-2015-7987
26 Jun 2016 — Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function. Múltiples desbordamientos de buffer en mDNSResponder en versiones anteriores a 625.41.2 permiten a atacantes remotos leer o escribir en posiciones de memoria fuera de los límites a través de vectores implicando la función (1) GetValueForIPv4Ad... • http://www.kb.cert.org/vuls/id/143335 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •