CVSS: 8.1EPSS: 1%CPEs: 5EXPL: 0CVE-2015-3807 – Apple Security Advisory 2015-12-08-1
https://notcve.org/view.php?id=CVE-2015-3807
13 Aug 2015 — libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document. Vulnerabilidad en libxml2 en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos obtener información sensible de la memoria del proceso o causar una denegación de servicio (corrupción de memoria) a través de un documento XML manipulado. OS X... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 3%CPEs: 17EXPL: 0CVE-2015-1819 – libxml2: denial of service processing a crafted XML document
https://notcve.org/view.php?id=CVE-2015-1819
07 Jul 2015 — The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Vulnerabilidad en el xmlreader en libxml, permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de datos XML manipulados, relacionada con un ataque XML Entity Expansión (XEE). A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 9%CPEs: 3EXPL: 0CVE-2015-1102 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1102
09 Apr 2015 — The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors. El kernel en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 no maneja correctamente las cabeceras TCP, lo que permite a atacantes man-in-the-middle causar una denegación de servicio a través de vectores no especificados. OS X Yosemite 10.10.3 and Security ... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1118 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1118
09 Apr 2015 — libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile. libnetcore en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 permite a atacantes causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un perfil de configuración manipulado. OS X Yosemite 10.10.3 and Security Update 2015-004 a... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1095 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1095
09 Apr 2015 — IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HID device. IOHIDFamily en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 permite a atacantes físicamente próximos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un dispositivo HID manipulado. OS X Yosemite 10... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 8.8EPSS: 4%CPEs: 2EXPL: 0CVE-2015-1123 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1123
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3 and Apple TV before 7.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-3 and APPLE-SA-2015-04-08-4. WebKit, utilizado en Apple iOS anterior a 8.3 y Apple TV anterior a 7.2, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html •
CVSS: 8.8EPSS: 2%CPEs: 21EXPL: 0CVE-2015-1121 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1121
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. WebKit, utilizado en Apple iOS anterior a 8.3, Apple TV anterior a 7.2, y Apple Safari anterior a 6.2.... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-1114 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1114
09 Apr 2015 — The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to discover hardware identifiers via a crafted app. El componente Sandbox Profiles en Apple iOS anterior a 8.3 y Apple TV anterior a 7.2 permite a atacantes descubrir los identificadores de hardware a través de una aplicación manipulada. Apple TV 7.2 is now available and addresses information disclosure, code execution, memory disclosure, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 0CVE-2015-1104 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1104
09 Apr 2015 — The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly determine whether an IPv6 packet had a local origin, which allows remote attackers to bypass an intended network-filtering protection mechanism via a crafted packet. El kernel en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 no determina correctamente si un paquete tenía un origen local, lo que permite a atacantes remotos evadir el mecanismo de protección del filtrado... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 2%CPEs: 21EXPL: 0CVE-2015-1122 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1122
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. WebKit, utilizado en Apple iOS anterior a 8.3, Apple TV anterior a 7.2, y Apple Safari anterior a 6.2.... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html •