CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5858 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5858
18 Sep 2015 — The CFNetwork HTTPProtocol component in Apple iOS before 9 allows remote attackers to bypass the HSTS protection mechanism, and consequently obtain sensitive information, via a crafted URL. Vulnerabilidad en el componente CFNetwork HTTPProtocol en Apple iOS en versiones anteriores a 9, permite a atacantes remotos eludir el mecanismo de protección HSTS, y consecuentemente obtener información sensible, a través de una URL manipulada. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabil... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5860 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5860
18 Sep 2015 — The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site. Vulnerabilidad en el componente CFNetwork HTTPProtocol en Apple iOS en versiones anteriores a 9, no maneja correctamente el estado HSTS, lo que permite a atacantes remotos eludir el mecanismo de protección private-browsing de Safari y rastrear a los usuarios a través de un sitio web manipulado. OS X ... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 3%CPEs: 3EXPL: 0CVE-2015-5862 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5862
18 Sep 2015 — The Audio component in Apple iOS before 9 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted audio file. Vulnerabilidad en el componente Audio en Apple iOS en versiones anteriores a 9, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un archivo de audio manipulado. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5863 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5863
18 Sep 2015 — IOStorageFamily in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive information from kernel memory via unknown vectors. Vulnerabilidad en IOStorageFamily en Apple iOS en versiones anteriores a 9, no inicializa adecuadamente una estructura de datos no especificada, lo que permite a usuarios locales obtener información sensible de la memoria del kernel a través de vectores desconocidos. OS X El Capitan 10.11 is now available and addres... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5867 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5867
18 Sep 2015 — IOHIDFamily in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Vulnerabilidad en IOHIDFamily en Apple iOS en versiones anteriores a 9, permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist ... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5882 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5882
18 Sep 2015 — The processor_set_tasks API implementation in Apple iOS before 9 allows local users to bypass an entitlement protection mechanism and obtain access to the task ports of arbitrary processes by leveraging root privileges. Vulnerabilidad en la implementación processor_set_tasks API en Apple iOS en versiones anteriores a 9, permite a usuarios locales eludir el mecanismo de protección de derechos y obtener acceso a los puertos de tareas de procesos arbitrarios mediante el aprovechamiento de los privilegios de ro... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 1%CPEs: 3EXPL: 0CVE-2015-5885 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5885
18 Sep 2015 — The CFNetwork Cookies component in Apple iOS before 9 allows remote attackers to track users via vectors involving a cookie for a top-level domain. Vulnerabilidad en el componente CFNetwork Cookies en Apple iOS en versiones anteriores a 9, permite a atacantes remotos rastrear usuarios a través de vectores que involucran una cookie para un dominio top-level. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5896 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5896
18 Sep 2015 — The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5903. Vulnerabilidad en el kernel en Apple iOS en versiones anteriores a 9, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5868 y CVE-2015-5903. OS X El Capitan 10.11 is ... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5898 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5898
18 Sep 2015 — CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID. Vulnerabilidad en CFNetwork en Apple iOS en versiones anteriores a 9, confía en el UID de hardware para su clave de cifrado caché, lo que facilita a atacantes físicamente próximos obtener información sensible mediante la obtención de este UID . iOS 9 is now available and addresses denial of service, informatio... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5899 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5899
18 Sep 2015 — libpthread in the kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. Vulnerabilidad en libpthread en el kernel en Apple iOS en versiones anteriores a 9, permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •