CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1843 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1843
17 May 2016 — The Messages component in Apple OS X before 10.11.5 mishandles filename encoding, which allows remote attackers to obtain sensitive information via unspecified vectors. El componente Messages en Apple OS X en versiones anteriores a 10.11.5 no maneja correctamente el nombre de archivo de codificación, lo que permite a atacantes remotos obtener información sensible a través de vectores no especificados. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution, PHP fla... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1844 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1844
17 May 2016 — The Messages component in Apple OS X before 10.11.5 mishandles roster changes, which allows remote attackers to modify contact lists via unspecified vectors. El componente Messages en Apple OS X en versiones anteriores a 10.11.5 no maneja correctamente cambios en las rotaciones, lo que permite a atacantes remotos modificar listas de contactos a través de vectores no especificados. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution, PHP flaws, information leaka... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 2CVE-2016-1846 – Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
https://notcve.org/view.php?id=CVE-2016-1846
17 May 2016 — The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference and memory corruption) via a crafted app. El método nvCommandQueue::GetHandleIndex en el subsistema NVIDIA Graphics Drivers en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de serv... • https://packetstorm.news/files/id/137403 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 13%CPEs: 1EXPL: 1CVE-2016-1848 – Apple QuickTime - '.mov' Parsing Memory Corruption
https://notcve.org/view.php?id=CVE-2016-1848
17 May 2016 — QuickTime in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file. QuickTime en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo manipulado. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution, PHP flaws, information leakage, and various ot... • https://www.exploit-db.com/exploits/39839 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1850 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1850
17 May 2016 — SceneKit in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file. SceneKit en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo manipulado. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution, PHP flaws, information leakage, and various othe... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1851 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1851
17 May 2016 — The Screen Lock feature in Apple OS X before 10.11.5 mishandles password profiles, which allows physically proximate attackers to reset expired passwords in the lock-screen state via unspecified vectors. La función Screen Locken Apple OS X en versiones anteriores a 10.11.5 no maneja correctamente perfiles de contraseña, lo que permite a atacantes físicamente próximos restablecer contraseñas caducadas en el estado de bloqueo de pantalla a través de vectores no especificados. OS X El Capitan 10.11.5 and Secur... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1853 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1853
17 May 2016 — Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support. Tcl en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes remotos obtener información sensible aprovechando soporte SSLv2. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution, PHP flaws, information leakage, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1792 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1792
17 May 2016 — The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El subsistema de AMD en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execu... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 2CVE-2016-1793 – Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl
https://notcve.org/view.php?id=CVE-2016-1793
17 May 2016 — AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. AppleGraphicsDeviceControlClient en Apple SO X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o provocar denegación de servicio (referencia a puntero NULL) a través de una aplicación manipulada. OS X El Capitan 10.11.5 and Security Update 2016-00... • https://packetstorm.news/files/id/137401 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 2CVE-2016-1794 – Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext
https://notcve.org/view.php?id=CVE-2016-1794
17 May 2016 — The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. El método AppleGraphicsControlClient::checkArguments en AppleGraphicsControl en Apple SO X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o provocar una denegación de servicio (referencia a puntero NUL... • https://packetstorm.news/files/id/137402 •