CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1788 – Apple Security Advisory 2016-03-21-2
https://notcve.org/view.php?id=CVE-2016-1788
22 Mar 2016 — Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors related to duplicate messages. Messages en Apple iOS en versiones anteriores a 9.3, OS X en versiones anteriores a 10.11.4 y watchOS en versiones anteriores a 2.2 no implementa correctamente un mecanismo de protección criptográfico, lo que permite a atacantes remotos leer contenidos adjuntos de lo... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-310: Cryptographic Issues •
CVSS: 8.4EPSS: 0%CPEs: 14EXPL: 0CVE-2015-7551 – ruby: DL:: dlopen could open a library with tainted library name
https://notcve.org/view.php?id=CVE-2015-7551
22 Mar 2016 — The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression. La implementación Fiddle::Handle en ext/fiddl... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796344 • CWE-20: Improper Input Validation CWE-267: Privilege Defined With Unsafe Actions •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1733 – Apple Security Advisory 2016-03-21-5
https://notcve.org/view.php?id=CVE-2016-1733
22 Mar 2016 — AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. AppleRAID en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corrup... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2016-1734 – Apple Security Advisory 2016-03-21-5
https://notcve.org/view.php?id=CVE-2016-1734
22 Mar 2016 — AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted USB device. AppleUSBNetworking en Apple iOS en versiones anteriores a 9.3 y OS X en versiones anteriores a 10.11.4 permite a atacantes físicamente próximos ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de un disposit... • https://github.com/Manouchehri/CVE-2016-1734 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1735 – Apple Security Advisory 2016-03-21-5
https://notcve.org/view.php?id=CVE-2016-1735
22 Mar 2016 — Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1736. Bluetooth en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada, una vulnerabilidad diferente a CVE-2016-1736. OS X El Capitan 10.11... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1736 – Apple Security Advisory 2016-03-21-5
https://notcve.org/view.php?id=CVE-2016-1736
22 Mar 2016 — Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735. Bluetooth en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada, una vulnerabilidad diferente a CVE-2016-1735. OS X El Capitan 10.11... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 6%CPEs: 4EXPL: 0CVE-2016-1740 – Apple OS X PDF Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1740
22 Mar 2016 — FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document. FontParser en Apple iOS en versiones anteriores a 9.3, OS X en versiones anteriores a 10.11.4, tvOS en versiones anteriores a 9.2 y watchOS en versiones anteriores a 2.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a t... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 2CVE-2016-1743 – Apple Intel HD 3000 Graphics Driver 10.0.0 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-1743
22 Mar 2016 — The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1744. El controlador Intel en el subsistema Graphics Drivers en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de u... • https://packetstorm.news/files/id/136630 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 2CVE-2016-1744 – Apple Mac OSX Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver
https://notcve.org/view.php?id=CVE-2016-1744
22 Mar 2016 — The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1743. El controlador Intel en el subsistema Graphics Drivers en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de u... • https://packetstorm.news/files/id/136354 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1746 – Apple OS X IOGraphicsFamily Untrusted Pointer Dereference Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-1746
22 Mar 2016 — IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1747. IOGraphics en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada, una vulnerabilidad diferente a CVE-2016-1747. This vulnerability ... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •