CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2015-5922 – Apple Security Advisory 2015-09-30-03
https://notcve.org/view.php?id=CVE-2015-5922
01 Oct 2015 — Unspecified vulnerability in International Components for Unicode (ICU) before 53.1.0, as used in Apple OS X before 10.11 and watchOS before 2, has unknown impact and attack vectors. Vulnerabilidad no especificada en International Components para Unicode (ICU) en versiones anteriores a 53.1.0, tal como se utiliza en Apple OS X en versiones anteriores a 10.11 y watchOS en versiones anteriores a 2, tiene un impacto y vectores de ataque desconocidos. OS X El Capitan 10.11 is now available and addresses close t... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5824 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5824
18 Sep 2015 — The NSURL implementation in the CFNetwork SSL component in Apple iOS before 9 does not properly verify X.509 certificates from SSL servers after a certificate change, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Vulnerabilidad en la implementación de NSURL en el componente CFNetwork SSL en Apple iOS en versiones anteriores a 9, no verifica adecuadamente los certificados X.509 de los servidores SSL después un cambio en el certificado, l... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5831 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5831
18 Sep 2015 — NetworkExtension in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows attackers to obtain sensitive memory-layout information via a crafted app. Vulnerabilidad en NetworkExtension en el kernel en Apple iOS en versiones anteriores a 9, no inicializa adecuadamente una estructura de datos no especificada, lo que permite a atacantes obtener información sensible del memory-layout a través de una aplicación manipulada. OS X El Capitan 10.11 is now available ... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5839 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5839
18 Sep 2015 — dyld in Apple iOS before 9 allows attackers to bypass a code-signing protection mechanism via an app that places a crafted signature in an executable file. Vulnerabilidad en dyld en Apple iOS en versiones anteriores a 9, permite a atacantes eludir el mecanismo de protección de firmado de código a través de una aplicación que coloca una firma manipulada en un archivo ejecutable. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-254: 7PK - Security Features •
CVSS: 5.5EPSS: 3%CPEs: 3EXPL: 0CVE-2015-5840 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5840
18 Sep 2015 — The checkint division routines in removefile in Apple iOS before 9 allow attackers to cause a denial of service (overflow fault and app crash) via crafted data. Vulnerabilidad en las rutinas de división checkint en removefile en Apple iOS en versiones anteriores a 9, permite a atacantes causar una denegación de servicio (fallo de desbordamiento y caída de la aplicación) a través de datos manipulados. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior re... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5841 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5841
18 Sep 2015 — The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header within a response to an HTTP CONNECT request, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response. Vulnerabilidad en el componente CFNetwork Proxies en Apple iOS en versiones anteriores a 9, no maneja correctamente una cabecera Set-Cookie en una respuesta en una petición HTTP CONNECT, lo que permite a servidores proxy remotos realizar un ataque de cookie-injection a tra... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5842 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5842
18 Sep 2015 — XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows local users to obtain sensitive memory-layout information via unknown vectors. Vulnerabilidad en XNU en el kernel en Apple iOS en versiones anteriores a 9, no inicializa adecuadamente una estructura de datos no especificada, lo que permite a usuarios locales obtener información sensible de la estructura de memoria a través de vectores desconocidos. OS X El Capitan 10.11 is now available and addre... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5847 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5847
18 Sep 2015 — The Disk Images component in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. Vulnerabilidad en el componente Disk Images en Apple iOS en versiones anteriores a 9, permite a usuarios locales ganar privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5851 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5851
18 Sep 2015 — The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not require an encrypted session, which allows local users to obtain cleartext multipeer data via an encrypted-to-unencrypted downgrade attack. Vulnerabilidad en el inicializador de conveniencia en el componente Multipeer Connectivity en Apple iOS en versiones anteriores a 9, no requiere una sesión cifrada, lo que permite a usuarios locales obtener los datos multipeer en texto plano a través de un ataque encrypted... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 3%CPEs: 3EXPL: 0CVE-2015-5862 – Apple Security Advisory 2015-09-16-1
https://notcve.org/view.php?id=CVE-2015-5862
18 Sep 2015 — The Audio component in Apple iOS before 9 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted audio file. Vulnerabilidad en el componente Audio en Apple iOS en versiones anteriores a 9, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un archivo de audio manipulado. OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •