CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1795 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1795
17 May 2016 — AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. AppleGraphicsPowerManagement en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and a... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1796 – Apple OS X libATSServer Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1796
17 May 2016 — Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds memory access) via a crafted app. Apple Type Services (ATS) en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes obtener información sensible de la estructura de memoria del kernel o causar una denegación de servicio (acceso a memoria fuera de rango) a través de una app manipulada. This vulnerability allows attackers to execut... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 0CVE-2016-1797 – Apple OS X fontd Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2016-1797
17 May 2016 — Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app. Apple Type Services (ATS) en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes eludir las restricciones de política de sandbox destinadas a FontValidator y ejecutar código arbitrario en un contexto privilegiado a través de una app manipulada. This vulnerability allows remote attackers to execu... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1799 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1799
17 May 2016 — Audio in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Audio en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution, PHP flaws, informatio... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1800 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1800
17 May 2016 — Captive Network Assistant in Apple OS X before 10.11.5 mishandles a custom URL scheme, which allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. Captive Network Assistant en Apple OS X en versiones anteriores a 10.11.5 no maneja correctamente un esquema de URL personalizado, lo que permite a atacantes remotos asistidos por un usuario ejecutar código arbitrario a través de vectores no especificados. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 0CVE-2016-1804 – Apple OS X WindowServer Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-1804
17 May 2016 — The Multi-Touch subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El subsistema Multi-Touch de Apple en OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. This vulnerability allows local attackers to execute arbitrary code on vulnera... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1805 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1805
17 May 2016 — CoreStorage in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app. CoeStoage en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una app manipulada. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available and addresses code execution, PHP flaws, information leakage, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 0CVE-2016-1806 – Apple OS X SubmitDiagInfo Arbitrary Directory Creation Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-1806
17 May 2016 — Crash Reporter in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app. Crash Reporter en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una app manipulada. This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious ... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1808 – Apple OS X IOHDIXController Untrusted Pointer Dereference Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-1808
17 May 2016 — The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El subsistema Disk Images en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5, tvOS en versiones anteriores a 9.2.1 y watchOS en versiones anteriores a 2.2.1 permite a atacantes ejecutar código arbitrario en un contexto privil... • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1810 – Apple Security Advisory 2016-05-16-4
https://notcve.org/view.php?id=CVE-2016-1810
17 May 2016 — The Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El subsistema Graphics Drivers en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. OS X El Capitan 10.11.5 and Security Update 2016-003 is now available a... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •