CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1844 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1844
17 May 2016 — The Messages component in Apple OS X before 10.11.5 mishandles roster changes, which allows remote attackers to modify contact lists via unspecified vectors. El componente Messages en Apple OS X en versiones anteriores a 10.11.5 no maneja correctamente cambios en las rotaciones, lo que permite a atacantes remotos modificar listas de contactos a través de vectores no especificados. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution, PHP flaws, information leaka... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 2CVE-2016-1846 – Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
https://notcve.org/view.php?id=CVE-2016-1846
17 May 2016 — The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference and memory corruption) via a crafted app. El método nvCommandQueue::GetHandleIndex en el subsistema NVIDIA Graphics Drivers en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de serv... • https://packetstorm.news/files/id/137403 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 13%CPEs: 1EXPL: 1CVE-2016-1848 – Apple QuickTime - '.mov' Parsing Memory Corruption
https://notcve.org/view.php?id=CVE-2016-1848
17 May 2016 — QuickTime in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file. QuickTime en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo manipulado. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution, PHP flaws, information leakage, and various ot... • https://www.exploit-db.com/exploits/39839 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1850 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1850
17 May 2016 — SceneKit in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file. SceneKit en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo manipulado. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution, PHP flaws, information leakage, and various othe... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1851 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1851
17 May 2016 — The Screen Lock feature in Apple OS X before 10.11.5 mishandles password profiles, which allows physically proximate attackers to reset expired passwords in the lock-screen state via unspecified vectors. La función Screen Locken Apple OS X en versiones anteriores a 10.11.5 no maneja correctamente perfiles de contraseña, lo que permite a atacantes físicamente próximos restablecer contraseñas caducadas en el estado de bloqueo de pantalla a través de vectores no especificados. OS X El Capitan 10.11.5 and Secur... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1853 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1853
17 May 2016 — Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support. Tcl en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes remotos obtener información sensible aprovechando soporte SSLv2. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution, PHP flaws, information leakage, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 1%CPEs: 4EXPL: 0CVE-2016-1817 – Apple OS X IOAcceleratorFamily2 Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-1817
17 May 2016 — IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1818 and CVE-2016-1819. IOAcceleratorFamily en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5, tvOS en versiones anteriores a 9.2.1 y watchOS en versiones anteriores a 2.2.1 permite a atacan... • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 4EXPL: 0CVE-2016-1818 – Apple OS X AppleIntelHD5000Graphics Null Pointer Dereference Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-1818
17 May 2016 — IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1817 and CVE-2016-1819. IOAcceleratorFamily en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5, tvOS en versiones anteriores a 9.2.1 y watchOS en versiones anteriores a 2.2.1 permite a atacan... • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1820 – Apple OS X AppleHDA Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-1820
17 May 2016 — Buffer overflow in IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app. Desbordamiento de buffer en IOAudioFamily en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una app manipulada. This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerabili... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1822 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1822
17 May 2016 — IOFireWireFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. IOFireWireFamily en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution,... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •