CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2015-7073 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7073
10 Dec 2015 — Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake. Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída ... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 3CVE-2015-7084 – Apple Mac OSX / iOS Kernel - iokit Registry Iterator Manipulation Double-Free
https://notcve.org/view.php?id=CVE-2015-7084
10 Dec 2015 — The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083. El kernel en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corr... • https://packetstorm.news/files/id/135436 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7094 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7094
10 Dec 2015 — CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL. CFNetwork HTTPProtocol en Apple iOS en versiones anteriores a 9.2 y OS X en versiones anteriores a 10.11.2 permite a atacantes man-in-the-middle eludir los mecanismos de protección HSTS a través de una URL manipulada. OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses 54 vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2015-7074 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7074
10 Dec 2015 — CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file. CoreMedia Playback en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2 y tvOS en versiones anteriores a 9.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un archivo multimedia mal formad... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2015-7075 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7075
10 Dec 2015 — CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file. CoreMedia Playback en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7076 – Apple Security Advisory 2015-12-08-3
https://notcve.org/view.php?id=CVE-2015-7076
10 Dec 2015 — The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. El componente Intel Graphics Driver en Apple OS X en versiones anteriores a 10.11.2 permite a usuarios locales obtener privilegios o causar una denegación de servicio (referencia a puntero NULL) a través de vectores no especificados. OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses 54 vulnera... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2015-7077 – Apple Mac OSX - 'gst_configure' Kernel Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-7077
10 Dec 2015 — The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors. El componente Intel Graphics Driver en Apple OS X en versiones anteriores a 10.11.2 permite a usuarios locales obtener privilegios o causar una denegación de servicio (acceso a memoria fuera de rango) a través de vectores no especificados. The external method 0x206 of IGAccelGLContext is gst_configure. This method takes an ... • https://packetstorm.news/files/id/135434 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2015-7078 – Apple Mac OSX Kernel - Hypervisor Driver Use-After-Free
https://notcve.org/view.php?id=CVE-2015-7078
10 Dec 2015 — Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects. Vulnerabilidad de uso después de liberación de memoria en Hypervisor en Apple OS X en versiones anteriores a 10.11.2 permite a usuarios locales obtener privilegios a través de vectores que involucran objetos VM. The hv_space lock group gets an extra ref dropped when you kill a process with an AppleHV userclient; one via IOService::terminateWorker calling the AppleHV... • https://packetstorm.news/files/id/135432 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7081 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-7081
10 Dec 2015 — iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. iBooks en Apple iOS en versiones anteriores a 9.2 y OS X en versiones anteriores a 10.11.2 permite a atacantes remotos leer archivos arbitrarios a través de un archivo de iBooks que contiene una declaración de entidad externa XML en conjunción con una refe... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2015-7083 – Apple Mac OSX / iOS - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow
https://notcve.org/view.php?id=CVE-2015-7083
10 Dec 2015 — The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084. El kernel en Apple iOS en versiones anteriores a 9.2, OS X en versiones anteriores a 10.11.2, tvOS en versiones anteriores a 9.1 y watchOS en versiones anteriores a 2.1 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corr... • https://packetstorm.news/files/id/135428 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •