CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 5CVE-2016-1757 – Apple Mac OSX / iOS - SUID Binary Logic Error Kernel Code Execution
https://notcve.org/view.php?id=CVE-2016-1757
22 Mar 2016 — Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app. Condición de carrera en el kernel en Apple iOS en versiones anteriores a 9.3 y OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar cógido arbitrario en un contexto privilegiado a través de una app manipulada. The code responsible for loading a suid-binary following a call to the execve syscall invalidates the task port after first ... • https://packetstorm.news/files/id/136351 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1759 – Apple Security Advisory 2016-03-21-5
https://notcve.org/view.php?id=CVE-2016-1759
22 Mar 2016 — The kernel in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El kernel en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corru... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 42%CPEs: 3EXPL: 0CVE-2016-1761 – Apple OS X XML Double Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1761
22 Mar 2016 — libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. libxml2 en Apple iOS en versiones anteriores a 9.3, OS X en versiones anteriores a 10.11.4 y watchOS en versiones anteriores a 2.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un documento XML manipulado. This vulnerability al... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 16%CPEs: 1EXPL: 2CVE-2016-1767 – Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption
https://notcve.org/view.php?id=CVE-2016-1767
22 Mar 2016 — QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768. QuickTime en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes remotos ejecutar código arbitrario o causar un denegación de servicio (corrupción de memoria) a través de una imagen FlashPix manipulada, una vulnerabilidad diferente a CVE-2016-1768. OS X El Capitan 10.11.4 and Security... • https://packetstorm.news/files/id/136486 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 16%CPEs: 1EXPL: 2CVE-2016-1768 – Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption
https://notcve.org/view.php?id=CVE-2016-1768
22 Mar 2016 — QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1767. QuickTime en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes remotos ejecutar código arbitrario o causar un denegación de servicio (corrupción de memoria) a través de una imagen FlashPix manipulada, una vulnerabilidad diferente a CVE-2016-1767. OS X El Capitan 10.11.4 and Security... • https://packetstorm.news/files/id/136486 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 16%CPEs: 1EXPL: 2CVE-2016-1769 – Apple QuickTime < 7.7.79.80.95 - '.PSD' Parsing Memory Corruption
https://notcve.org/view.php?id=CVE-2016-1769
22 Mar 2016 — QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file. QuickTime en Apple OS X en versiones anteriores a 10.11.4 permite a atacantes remotos ejecutar código arbitrario o causar un denegación de servicio (corrupción de memoria) a través de un archivo Photoshop manipulado. OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corruption, and vari... • https://packetstorm.news/files/id/136486 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 6%CPEs: 4EXPL: 0CVE-2016-1775 – Apple OS X TTF bdat Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1775
22 Mar 2016 — TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. TrueTypeScaler en Apple iOS en versiones anteriores a 9.3, OS X en versiones anteriores a 10.11.4, tvOS en versiones anteriores a 9.2 y watchOS en versiones anteriores a 2.2 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 33EXPL: 0CVE-2016-1950 – nss: Heap buffer overflow vulnerability in ASN1 certificate parsing (MFSA 2016-35)
https://notcve.org/view.php?id=CVE-2016-1950
09 Mar 2016 — Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate. El desbordamiento de buffer basado en memoria dinámica en Mozilla Network Security Services (NSS) en versiones anteriores a 3.19.2.3 y 3.20.x y 3.21.x en versiones anteriores a 3.21.1, tal y como se utiliza en Mozilla ... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 9EXPL: 0CVE-2016-0802 – Apple Security Advisory 2016-03-21-2
https://notcve.org/view.php?id=CVE-2016-0802
07 Feb 2016 — The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181. El controlador Broadcom Wi-Fi en el kernel en Android 4.x en versiones anteriores a 4.4.4, 5.x en versiones anteriores a 5.1.1 LMY49G y 6.x en versiones anteriores a 2016-02-01 permite a atacantes remotos ejecutar código... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 24%CPEs: 9EXPL: 4CVE-2016-0801 – Google Android Broadcom Wi-Fi Driver - Memory Corruption
https://notcve.org/view.php?id=CVE-2016-0801
07 Feb 2016 — The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029. El controlador Broadcom Wi-Fi en el kernel en Android 4.x en versiones anteriores a 4.4.4, 5.x en versiones anteriores a 5.1.1 LMY49G y 6.x en versiones anteriores a 2016-02-01 permite a atacantes remotos ejecutar código... • https://packetstorm.news/files/id/137036 • CWE-20: Improper Input Validation •