CVSS: 7.5EPSS: 6%CPEs: 3EXPL: 0CVE-2015-1103 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1103
09 Apr 2015 — The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a crafted ICMP packet. kernel en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 hace cambios de rutas en respuesta a mensajes ICMP_REDIRECT, lo que permite a atacantes remotos causar una denegación de ... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1099 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1099
09 Apr 2015 — Race condition in the setreuid system-call implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service via a crafted app. Condición de carrera en la implementación de llamadas al sistema setreuid en el kernel en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 permite a atacantes causar una denegación de servicio a través de una aplicación manipulada. OS X Yosemite 10.10.3 and Securit... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-1092 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1092
09 Apr 2015 — NSXMLParser in Foundation in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. NSXMLParser en Foundation en Apple iOS anterior a 8.3 y Apple TV anterior a 7.2 permite a atacantes remotos leer ficheros arbitrarios a través de una declaración de entidad externa en conjunto con una referencia de entidad, relacionado con una problema de entidad ext... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1096 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1096
09 Apr 2015 — IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. IOHIDFamily en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 permite a atacantes obtener información sensible sobre la memoria del kernel a través de una aplicación manipulada. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, inf... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 2%CPEs: 21EXPL: 0CVE-2015-1124 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1124
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. WebKit, utilizado en Apple iOS anterior a 8.3, Apple TV anterior a 7.2, y Apple Safari anterior a 6.2.... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html •
CVSS: 8.8EPSS: 2%CPEs: 21EXPL: 0CVE-2015-1119 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1119
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. WebKit, utilizado en Apple iOS anterior a 8.3, Apple TV anterior a 7.2, y Apple Safari anterior a 6.2.... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 3CVE-2015-1100 – Apple Mac OSX - Local Denial of Service
https://notcve.org/view.php?id=CVE-2015-1100
09 Apr 2015 — The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app. El kernel en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 permite a atacantes causar una denegación de servicio (acceso a memoria fuera de rango) u obtener información sensible del contenido de la memoria a través de una aplicación manipulada. O... • https://packetstorm.news/files/id/131508 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-1094 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1094
09 Apr 2015 — IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. IOAcceleratorFamily en Apple iOS anterior a 8.3 y Apple TV anterior a 7.2 permite a atacantes obtener información sensible sobre la memoria del kernel a través de una aplicación manipulada. Watch OS 1.0.1 is now available and addresses certificate issues, arbitrary code execution, XML external entity, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-1097 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1097
09 Apr 2015 — IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. IOMobileFramebuffer en Apple iOS anterior a 8.3 y Apple TV anterior a 7.2 permite a atacantes obtener información sensible sobre la memoria del kernel a través de una aplicación manipulada. Apple TV 7.2 is now available and addresses information disclosure, code execution, memory disclosure, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 23%CPEs: 3EXPL: 0CVE-2015-1105 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1105
09 Apr 2015 — The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly implement the Urgent (aka out-of-band data) mechanism, which allows remote attackers to cause a denial of service via crafted packets. La implementación TCP en el kernel en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 no implementa correctamente el mecanismo Urgent (también conocido como datos fuera de banda), lo que permite a atacantes remo... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •