CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4649 – Apple Security Advisory 2016-07-18-1
https://notcve.org/view.php?id=CVE-2016-4649
19 Jul 2016 — Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. Audio en Apple OS X en versiones anteriores a 10.11.6 permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL) a través de vectores no especificados. OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses arbitrary code execution, information disclosure, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4634 – Apple Security Advisory 2016-07-18-1
https://notcve.org/view.php?id=CVE-2016-4634
19 Jul 2016 — The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. El subsistema Graphics Drivers en Apple OS X en versiones anteriores a 10.11.6 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria) a través vectores no especificados. OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses arbitrary code execution, infor... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 9%CPEs: 7EXPL: 0CVE-2016-4615 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4615
19 Jul 2016 — libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4616, and CVE-2016-4619. libxml2 en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones anteriores a 12.4... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4648 – Apple OS X DspFuncLib Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-4648
19 Jul 2016 — Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors. Audio en Apple OS X en versiones anteriores a 10.11.6 permite a usuarios locales obtener información sensible de la estructura de memoria del kernel o provocar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados. This vulnerability allows local attackers to execute arbitrary code on vulnerab... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 94%CPEs: 1EXPL: 0CVE-2014-9862 – Ubuntu Security Notice USN-4500-1
https://notcve.org/view.php?id=CVE-2014-9862
19 Jul 2016 — Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file. Error de entero sin signo en bspatch.c en bspatch en bsdiff, como se utiliza en Apple OS X en versiones anteriores a 10.11.6 y otros productos, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento de buffe... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2016-4625 – Apple macOS 10.12 - 'task_t' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-4625
19 Jul 2016 — Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors. Vulnerabilidad de uso después de liberación de memoria en IOSurface en Apple OS X en versiones anteriores a 10.11.6 permite a usuarios locales obtener privilegios a través vectores no especificados. OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses arbitrary code execution, information disclosure, and various other vulnerabilities. • https://packetstorm.news/files/id/139354 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2015-7987
https://notcve.org/view.php?id=CVE-2015-7987
26 Jun 2016 — Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function. Múltiples desbordamientos de buffer en mDNSResponder en versiones anteriores a 625.41.2 permiten a atacantes remotos leer o escribir en posiciones de memoria fuera de los límites a través de vectores implicando la función (1) GetValueForIPv4Ad... • http://www.kb.cert.org/vuls/id/143335 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2015-7988
https://notcve.org/view.php?id=CVE-2015-7988
26 Jun 2016 — The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. La función handle_regservice_request en mDNSResponder en versiones anteriores a 625.41.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (referencia a puntero NULL) a través de vectores no especificados. • http://www.kb.cert.org/vuls/id/143335 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1860
https://notcve.org/view.php?id=CVE-2016-1860
19 Jun 2016 — Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862. Intel Graphics Driver en Apple SO X en versiones anteriores a 10.11.5 permite a atacantes obtener información sensible de la estructura de memoria del kernel a través de una aplicación manipulada, una vulnerabilidad diferente a CVE-2016-1862. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1862
https://notcve.org/view.php?id=CVE-2016-1862
19 Jun 2016 — Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860. Intel Graphics Driver en Apple SO X en versiones anteriores a 10.11.5 permite a atacantes obtener información sensible de la estructura del kernel a través de una aplicación manipulada, una vulnerabilidad diferente a CVE-2016-1860. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •