CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2015-7110 – Apple Mac OSX / iOS Kernel - IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free
https://notcve.org/view.php?id=CVE-2015-7110
10 Dec 2015 — The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image. El componente Disk Images en Apple OS X en versiones anteriores a 10.11.2 y tvOS en versiones anteriores a 9.1 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de una imagen de disco manipulada. iOS / OS X kernels suffer from a use-after-free / double free ... • https://packetstorm.news/files/id/135437 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2015-7111 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7111
10 Dec 2015 — The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7112. La API IOHIDFamily en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a atacantes ejecutar código arbitrario ... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2015-7112 – Apple Mac OSX / iOS - Double-Delete IOHIDEventQueue::start Code Execution
https://notcve.org/view.php?id=CVE-2015-7112
10 Dec 2015 — The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111. La API Family en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a atacantes ejecutar código arbitrario en un... • https://packetstorm.news/files/id/135427 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 7%CPEs: 114EXPL: 0CVE-2015-8472 – libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
https://notcve.org/view.php?id=CVE-2015-8472
10 Dec 2015 — Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126. Desbordamiento de buffer en la función png_set_PLTE en libpng e... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-7001 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7001
10 Dec 2015 — AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app. AppSandbox en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 no maneja correctamente enlaces duros, lo que permite a atacantes eludir la revocación de acceso a Contacts a través de una aplicación manipula... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 3%CPEs: 4EXPL: 0CVE-2015-7038 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7038
10 Dec 2015 — Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039. Desbordamiento del buffer en libc en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a atacantes remotos ejecutar código arbitrario a través de un paquete manipulado, ... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 12%CPEs: 4EXPL: 1CVE-2015-7039 – Apple Mac OSX 10.11 - FTS Deep Structure of the FileSystem Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-7039
10 Dec 2015 — Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038. Desbordamiento del buffer en libc en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a atacantes remotos ejecutar código arbitrario a través de un paquete manipulado, ... • https://www.exploit-db.com/exploits/38917 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 1%CPEs: 4EXPL: 0CVE-2015-7040 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7040
10 Dec 2015 — The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043. El kernel en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a atacantes provocar una denegación de servicio a través de una aplicación manipulada, una vu... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html •
CVSS: 5.5EPSS: 1%CPEs: 4EXPL: 0CVE-2015-7041 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7041
10 Dec 2015 — The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043. El kernel en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a atacantes provocar una denegación de servicio a través de una aplicación manipulada, una vu... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html •
CVSS: 5.5EPSS: 1%CPEs: 4EXPL: 0CVE-2015-7042 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7042
10 Dec 2015 — The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043. El kernel en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a atacantes provocar una denegación de servicio a través de una aplicación manipulada, una vu... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html •