CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1759 – Apple Security Advisory 2016-03-21-5
https://notcve.org/view.php?id=CVE-2016-1759
22 Mar 2016 — The kernel in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El kernel en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corru... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 42%CPEs: 3EXPL: 0CVE-2016-1761 – Apple OS X XML Double Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1761
22 Mar 2016 — libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. libxml2 en Apple iOS en versiones anteriores a 9.3, OS X en versiones anteriores a 10.11.4 y watchOS en versiones anteriores a 2.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un documento XML manipulado. This vulnerability al... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 1%CPEs: 31EXPL: 1CVE-2016-1762 – libxml2: Heap-based buffer-overread in xmlNextChar
https://notcve.org/view.php?id=CVE-2016-1762
22 Mar 2016 — The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. La función xmlNextChar en libxml2 en versiones anteriores a 2.9.4 permite a atacantes remotos provocar una denegación de servicio (sobre lectura de buffer basado en memoria dinámica) a través de un documento XML manipulado. It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into ... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-1764 – Apple Security Advisory 2016-03-21-5
https://notcve.org/view.php?id=CVE-2016-1764
22 Mar 2016 — The Content Security Policy (CSP) implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL. La implementación de Content Security Policy (CSP) en Mensajes en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes remotos obtener información sensibles a través de una URL javascript:. OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corruption, and various other vuln... • https://github.com/moloch--/cve-2016-1764 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 24%CPEs: 1EXPL: 2CVE-2016-1767 – Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption
https://notcve.org/view.php?id=CVE-2016-1767
22 Mar 2016 — QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768. QuickTime en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes remotos ejecutar código arbitrario o causar un denegación de servicio (corrupción de memoria) a través de una imagen FlashPix manipulada, una vulnerabilidad diferente a CVE-2016-1768. OS X El Capitan 10.11.4 and Security... • https://packetstorm.news/files/id/136486 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 24%CPEs: 1EXPL: 2CVE-2016-1768 – Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption
https://notcve.org/view.php?id=CVE-2016-1768
22 Mar 2016 — QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1767. QuickTime en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes remotos ejecutar código arbitrario o causar un denegación de servicio (corrupción de memoria) a través de una imagen FlashPix manipulada, una vulnerabilidad diferente a CVE-2016-1767. OS X El Capitan 10.11.4 and Security... • https://packetstorm.news/files/id/136486 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 24%CPEs: 1EXPL: 2CVE-2016-1769 – Apple QuickTime < 7.7.79.80.95 - '.PSD' Parsing Memory Corruption
https://notcve.org/view.php?id=CVE-2016-1769
22 Mar 2016 — QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file. QuickTime en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes remotos ejecutar código arbitrario o causar un denegación de servicio (corrupción de memoria) a través de un archivo Photoshop manipulado. OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corruption, and vari... • https://packetstorm.news/files/id/136486 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1770 – Apple Security Advisory 2016-03-21-5
https://notcve.org/view.php?id=CVE-2016-1770
22 Mar 2016 — The Reminders component in Apple OS X before 10.11.4 allows attackers to bypass an intended user-confirmation requirement and trigger a dialing action via a tel: URL. El componente Reminders en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes eludir un requisito destinado a la confirmación de usuario y desencadenar una acción de llamada a través de una URL tel:. OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corruption, and various ... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html • CWE-284: Improper Access Control •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1773 – Apple Security Advisory 2016-03-21-5
https://notcve.org/view.php?id=CVE-2016-1773
22 Mar 2016 — The code-signing subsystem in Apple OS X before 10.11.4 does not properly verify file ownership, which allows local users to determine the existence of arbitrary files via unspecified vectors. El subsistema de firmado de código en Apple OS X en versiones anteriores a 10.11.4 no verifica correctamente el propietario del archivo, lo que permite a usuarios locales determinar la existencia de archivos arbitrarios a través de vectores no especificados. OS X El Capitan 10.11.4 and Security Update 2016-002 is now ... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 8%CPEs: 4EXPL: 0CVE-2016-1775 – Apple OS X TTF bdat Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1775
22 Mar 2016 — TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. TrueTypeScaler en Apple iOS en versiones anteriores a 9.3, OS X en versiones anteriores a 10.11.4, tvOS en versiones anteriores a 9.2 y watchOS en versiones anteriores a 2.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •