CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2017-7162 – Apple iOS backboardd Double Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-7162
25 Dec 2017 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.2, las versiones de macOS anteriores a la 10.13.2, las ver... • https://support.apple.com/HT208325 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-7156 – Apple Security Advisory 2017-12-13-5
https://notcve.org/view.php?id=CVE-2017-7156
15 Dec 2017 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securityfocus.com/bid/102181 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-7157 – Apple Security Advisory 2017-12-13-5
https://notcve.org/view.php?id=CVE-2017-7157
15 Dec 2017 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securityfocus.com/bid/102181 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-13903 – Apple Security Advisory 2017-12-13-2
https://notcve.org/view.php?id=CVE-2017-13903
15 Dec 2017 — An issue was discovered in certain Apple products. iOS before 11.2.1 is affected. tvOS before 11.2.1 is affected. The issue involves the "HomeKit" component. It allows remote attackers to modify the application state by leveraging incorrect message handling, as demonstrated by use of an Apple Watch to obtain an encryption key and unlock a door. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.2.1 y las versiones de tvOS anteriores a la ... • http://www.securityfocus.com/bid/102182 •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13866 – Apple Safari DFG JIT Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-13866
15 Dec 2017 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securityfocus.com/bid/102181 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13870 – Apple Safari MutationObserver Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-13870
15 Dec 2017 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securityfocus.com/bid/102181 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13856 – Apple Security Advisory 2017-12-13-5
https://notcve.org/view.php?id=CVE-2017-13856
15 Dec 2017 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securityfocus.com/bid/102181 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2017-13860 – Apple Security Advisory 2017-12-6-2
https://notcve.org/view.php?id=CVE-2017-13860
08 Dec 2017 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "Mail Drafts" component. It allows man-in-the-middle attackers to read e-mail content by leveraging mishandling of S/MIME credential encryption. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.2 y las versiones de macOS anteriores a la 10.13.2. • http://www.securityfocus.com/bid/102097 •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 2CVE-2017-13847 – Apple macOS/iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime Management in IOTimeSyncClockManagerUserClient
https://notcve.org/view.php?id=CVE-2017-13847
08 Dec 2017 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.2 y las versiones de macOS anteriores a la 10.13.2. • https://packetstorm.news/files/id/145361 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2017-13876 – Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in posix_spawn on 32-bit Platforms
https://notcve.org/view.php?id=CVE-2017-13876
08 Dec 2017 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.2, las versiones de macOS anteriores a la 10.13.2, las ve... • https://packetstorm.news/files/id/145362 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •