CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-1110 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1110
09 Apr 2015 — The Podcasts component in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to discover unique identifiers by reading asset-download request data. El componente Podcasts en Apple iOS anterior a 8.3 y Apple TV anterior a 7.2 permite a atacantes remotos descubrir identificadores únicos mediante la lectura de datos de solicitudes de la descarga de activos. Apple TV 7.2 is now available and addresses information disclosure, code execution, memory disclosure, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-1086 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1086
09 Apr 2015 — The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV before 7.2 does not properly validate IOKit object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app. El subsistema Audio Drivers en Apple iOS anterior a 8.3 y Apple TV anterior a 7.2 no valida correctamente los metadatos de objetos IOKit, lo que permite a atacantes remotos ejecutar código arbitrario en un contexto privilegiado a través de una aplicación manipulada. Apple TV 7.2 is now availab... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 4%CPEs: 21EXPL: 0CVE-2015-1120 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1120
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. WebKit, utilizado en Apple iOS anterior a 8.3, Apple TV anterior a 7.2, y Apple Safari anterior a 6.2.... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html •
CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1117 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1117
09 Apr 2015 — The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app. Las implementaciones de llamadas a sistemas (1) setreuid y (2) setregid en el kernel en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 no realizan correctamente la elimina... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1101 – Apple OS X XNU HFS_GETPATH Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2015-1101
08 Apr 2015 — The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El kernel en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada. This vulnerability a... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1071 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1071
18 Mar 2015 — WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, utilizado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de me... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1079 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1079
18 Mar 2015 — WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memori... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1082 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1082
18 Mar 2015 — WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memori... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1080 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1080
18 Mar 2015 — WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memori... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1068 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1068
18 Mar 2015 — WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, utilizado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de me... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-399: Resource Management Errors •