CVSS: 8.8EPSS: 12%CPEs: 5EXPL: 2CVE-2017-13797 – WebKit - 'WebCore::PositionIterator::decrement' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-13797
13 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://packetstorm.news/files/id/145086 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13844 – Apple Security Advisory 2017-10-31-1
https://notcve.org/view.php?id=CVE-2017-13844
02 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "Messages" component. It allows physically proximate attackers to view arbitrary photos via a Reply With Message action in the lock-screen state. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.1 se han visto afectadas. • http://www.securityfocus.com/bid/102099 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7113 – Apple Security Advisory 2017-10-31-1
https://notcve.org/view.php?id=CVE-2017-7113
02 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "UIKit" component. It allows attackers to bypass intended read restrictions for secure text fields via vectors involving a focus-change event. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.1 se han visto afectadas. • http://www.securitytracker.com/id/1039703 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13805 – Apple Security Advisory 2017-10-31-1
https://notcve.org/view.php?id=CVE-2017-13805
02 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to obtain sensitive information via a Siri request for private-content notifications that should not have been available in the lock-screen state. Se ha descubierto un problema en algunos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.1. • http://www.securitytracker.com/id/1039703 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 21%CPEs: 7EXPL: 2CVE-2017-13783 – WebKit - 'WebCore::SVGPatternElement::collectPatternAttributes' Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2017-13783
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://packetstorm.news/files/id/145090 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13793 – Apple Safari Node Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-13793
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1039703 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 21%CPEs: 7EXPL: 2CVE-2017-13798 – WebKit - 'WebCore::RenderObject::previousSibling' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-13798
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://packetstorm.news/files/id/145101 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-13804 – Apple Security Advisory 2017-10-31-2
https://notcve.org/view.php?id=CVE-2017-13804
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "StreamingZip" component. It allows remote attackers to write to unintended pathnames via a crafted ZIP archive. Se ha descubierto un problema en algunos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.1, las versiones de macOS anteriores a la 10.13.1, las versiones de tvOS anteri... • http://www.securitytracker.com/id/1039703 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 21%CPEs: 7EXPL: 2CVE-2017-13785 – WebKit - 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2017-13785
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://packetstorm.news/files/id/145088 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 21%CPEs: 7EXPL: 2CVE-2017-13796 – WebKit - 'WebCore::TreeScope::documentScope' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-13796
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://packetstorm.news/files/id/145084 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •